PEAR Insecure Temporary File Creation Vulnerability
PEAR creates temporary files in an insecure manner.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks.
Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.
PEAR version 1.9.1 is vulnerable; other versions may also be affected.