mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tug texlive 20140525 |
||
tug texlive 20130530 |
||
tug texlive 20120701 |
||
tug texlive 20100722 |
||
tug texlive 20110705 |