** REJECT ** The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted the original advisory, stating that "the portion of vulnerable code is not called in any current version of AFFLIB and is therefore not exploitable."
CVSS
No CVSS.
References
No reference.
Configurations
No configuration.
History
No history.
Information
Published : 2007-04-30 22:19
Updated : 2024-02-04 17:13
NVD link : CVE-2007-2056
Mitre link : CVE-2007-2056
CVE.ORG link : CVE-2007-2056
JSON object : View
Products Affected
No product.
CWE
No CWE.