CVE-2005-3785

2005-11-23T23:03:00
ID CVE-2005-3785
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:27:00

Description

Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows local users to overwrite arbitrary files via a symlink attack on the exi.X.sync temporary file, which is processed by the diff-eix program.