cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote malicious users to overwrite arbitrary files via a symlink within an RPM package archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 2010.07.28 |
||
opensuse opensuse 2007.05.10 |
||
gnu cpio |