KDE libmediatool symlink Attack Vulnerability

Local users may create files as the user running KDE.

One of KDE's libraries, libmediatool, has a /tmp race problem. The problem is the way the library creates /tmp files. You can predict when a file will be created and create a symlink with the same name.


 

Privacy Statement
Copyright 2010, SecurityFocus