aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Astats |
Astats |
1.6.5 (including) |
1.6.5 (including) |
References