convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:13:58
Updated: 2022-10-03T16:13:58
Reserved: 2022-10-03T00:00:00
Link: CVE-2008-4946
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-11-05T15:00:15.087
Modified: 2009-07-20T04:00:00.000
Link: CVE-2008-4946
JSON object: View
Redhat Information
No data.
CWE