The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gtkdiskfree gtkdiskfree |