Opencryptoki Project : Security Vulnerabilities, CVEs, Published In 2012
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/.
Max CVSS
6.2
EPSS Score
0.04%
Published
2012-10-10
Updated
2023-02-13
openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Max CVSS
2.9
EPSS Score
0.04%
Published
2012-10-10
Updated
2023-02-13
2 vulnerabilities found