Computer Security

glib library privilege escalation
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



glib library privilege escalation
Published:24.09.2009
Source:BUGTRAQ
SecurityVulns ID:10266
Type:library
Level:5/10
Description:g_file_copy function sets symbolic link's permission if source file is copied by symbolic link.
CVE:CVE-2009-3289 (The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:245 ] glib2.0 (24.09.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru