uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.
Max CVSS
7.2
EPSS Score
0.07%
Published
2002-05-29
Updated
2016-10-18
1 vulnerabilities found