feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tug texlive 2007 |