Computer Security
[EN] securityvulns.ru no-pyccku


po4a symbolic links problem
Published:14.09.2007
Source:
SecurityVulns ID:8151
Type:remote
Threat Level:
5/10
Description:Symbolic links problem on /tmp/gettextization.failed.po file creation.
Affected:PO4A : po4a 0.32
CVE:CVE-2007-4462 (lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.)
Original documentdocumentGENTOO, [ GLSA 200709-04 ] po4a: Insecure temporary file creation (14.09.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod