• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Wine Local Insecure File Creation Vulnerability

A local insecure file creation vulnerability affects Wine. This issue is due to a design error that fails to securely write to files in world-accessible directories.

An attacker may leverage this issue to use a symbolic link file named after the offending temporary file to write to arbitrary files with an unsuspecting user's privileges. Furthermore and attacker may gain access to potentially sensitive information contained within the temporary file.