ocrodjvu Insecure Temporary File Creation Vulnerability

ocrodjvu creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible.

ocrodjvu 0.4.6-1 and 0.4.1-1 are vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus