xterm in Digital UNIX 4.0B with patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Unix | Digital | 4.0b (including) | 4.0b (including) |