CVE-2008-4935

asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file...

CVE-2008-4935

CVE-2008-4935 affects the aview image viewer (version 1.3.0) and is caused by insecure temporary file handling: it uses a path like /tmp/aview$$$.pgm, enabling a local attacker to perform a symlink attack and overwrite arbitrary files with the privileges of the running user. Impact is described a...