TarDiff User Privilege Gain Vulnerability

TarDiff is a package comparison tool developed by software developer Josef Spillner. A privilege-acquisition vulnerability exists in TarDiff that stems from the use of predictable temporary directories for tarballs unpacking files. An attacker could exploit the vulnerability to overwrite files wi...