CVE-2008-5007

2008-11-10T14:12:00
ID CVE-2008-5007
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:33:00

Description

create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory.