AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Allcommerce |
Lee_herron |
1.2.3 |
1.2.3 |
References