acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Open_suse | Suse | 10.1 (including) | 10.1 (including) |
Open_suse | Suse | 10.2 (including) | 10.2 (including) |
Open_suse | Suse | 10.3 (including) | 10.3 (including) |
Suse_linux | Suse | 10 (including) | 10 (including) |
Suse_linux | Suse | 10-sp1 (including) | 10-sp1 (including) |
Suse_linux | Suse | 10.0 (including) | 10.0 (including) |
Suse_linux | Suse | 10.1 (including) | 10.1 (including) |
Suse_linux_desktop | Suse | 10 (including) | 10 (including) |