vobcopy: insecure temp file
| Package(s): | vobcopy | CVE #(s): | CVE-2007-5718 | ||||
| Created: | March 6, 2008 | Updated: | March 12, 2008 | ||||
| Description: | From the Gentoo alert: Joey Hess reported that vobcopy appends data to the file "/tmp/vobcopy.bla" in an insecure manner. A local attacker could exploit this vulnerability to conduct symlink attacks and append data to arbitrary files with the privileges of the user running Vobcopy. | ||||||
| Alerts: |
| ||||||