A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and previous versions, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.log temporary file. NOTE: it is possible that this vulnerability is present in other products that use this installer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
process-one ejabberd 1.1.1.0 |
||
bitrock install builder |
||
process-one ejabberd |