The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-10-06 23:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-1875
Mitre link : CVE-2014-1875
CVE.ORG link : CVE-2014-1875
JSON object : View
Products Affected
cspan
- capture-tiny
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')