The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-10-03
Updated
2008-11-11
1 vulnerabilities found