-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282
Use CVE-2014-5459.
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id
Hello,
It was reported that the pear utility insecurely used the /tmp/
directory for cache data. A local attacker could use this flaw to
perform a symbolic link attack against a user (typically the root user)
running a pear command (such as "pear install").
Original report:
https://bugs.deb
2 matches
Mail list logo