TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tintin++ | Tintin | 1.97.9 (including) | 1.97.9 (including) |
Wintin++ | Tintin | 1.97.9 (including) | 1.97.9 (including) |