Code injection

2018-07-2017:29:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp.

References

www.openwall.com/lists/oss-security/2014/06/13/5

www.s48.org/cgi-bin/hgwebdir.cgi/s48/rev/a44624256297

www.securityfocus.com/bid/67654

bugs.debian.org/cgi-bin/bugreport.cgi?bug=748766