Computer Security
[EN] securityvulns.ru no-pyccku


glib library privilege escalation
Published:24.09.2009
Source:
SecurityVulns ID:10266
Type:library
Threat Level:
5/10
Description:g_file_copy function sets symbolic link's permission if source file is copied by symbolic link.
CVE:CVE-2009-3289 (The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:245 ] glib2.0 (24.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod