CVE-2014-4996
The CVE-2014-4996 entry concerns the VladTheEnterprising gem for Ruby (version 0.2), with the vulnerable code located at lib/vlad/dba/mysql.rb. The vulnerability is a local privilege issue where an attacker can perform a symlink attack on /tmp/my.cnf.#{target_host}, enabling writing to arbitrary ...