CVE-2015-0858

CVE-2015-0858

EPSS 0.4%

Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a http://www.debian.org/security/2016/dsa-3562