CVE-2006-1280

2006-03-19T11:06:00
ID CVE-2006-1280
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:30:00

Description

CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File and (2) Driver::db_file, which allows local users to obtain privileged information, such as session keys, by viewing the files.