The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and previous versions allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.1 |
||
llvm clang |