SimpleCDR-X Insecure Temporary File Creation Vulnerability

SimpleCDR-X Insecure Temporary File Creation Vulnerability

SimpleCDR-X creates temporary files in an insecure manner.

A local attacker would most likely take advantage of this vulnerability by creating a malicious symbolic link in a directory where the temporary files will be created.

Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may also be possible.

SimpleCDR-X 1.3.3 is reported to be vulnerable. Other versions may also be affected.