uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Max CVSS
4.4
EPSS Score
0.04%
Published
2008-05-16
Updated
2017-08-08
1 vulnerabilities found