Bug#759282: CVE request: php-pear, pear's insecure /tmp/ use for cache data

2014-08-26 Thread cve-assign
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282

Use CVE-2014-5459.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through

Bug#759282: CVE request: php-pear, pear's insecure /tmp/ use for cache data

2014-08-25 Thread Murray McAllister
Hello,

It was reported that the pear utility insecurely used the /tmp/ directory for cache data. A local attacker could use this flaw to perform a symbolic link attack against a user (typically the root user) running a pear command (such as pear install).

Original report:
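The flaw class described in the report above, as an added example that is not part of the thread and is not pear's code or its fix: a cache write that follows a pre-planted symlink, beside a write that refuses it. All function names are hypothetical, and a throwaway temporary directory stands in for /tmp/ with constructed file contents.

```python
import os
import pathlib
import stat
import tempfile

def write_cache_unsafe(path, data):
    # Pattern the report describes: a predictable path in a shared
    # directory, opened in a way that follows whatever already exists there.
    with open(path, "w") as fh:
        fh.write(data)

def write_cache_safe(cache_dir, name, data):
    # Use a private directory (0700) and verify with lstat() that it is a
    # real directory we own that group and others cannot write to.
    os.makedirs(cache_dir, mode=0o700, exist_ok=True)
    st = os.lstat(cache_dir)
    if (not stat.S_ISDIR(st.st_mode) or st.st_uid != os.geteuid()
            or st.st_mode & 0o022):
        raise PermissionError(f"untrusted cache directory: {cache_dir}")
    path = os.path.join(cache_dir, name)
    # O_EXCL fails if anything, a symlink included, already has this name;
    # O_NOFOLLOW refuses a symlink in the final path component.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def demo():
    # Constructed scenario: "victim.conf" is a file the privileged user can
    # write, "cache-entry" is the predictable cache name, planted as a symlink.
    with tempfile.TemporaryDirectory() as shared:
        victim = pathlib.Path(shared, "victim.conf")
        planted = os.path.join(shared, "cache-entry")
        victim.write_text("original")
        os.symlink(victim, planted)

        write_cache_unsafe(planted, "cache data")
        clobbered = victim.read_text() == "cache data"

        victim.write_text("original")  # reset before the hardened attempt
        try:
            write_cache_safe(shared, "cache-entry", "cache data")
            refused = False
        except OSError:
            refused = True
        return clobbered, refused, victim.read_text() == "original"

if __name__ == "__main__":
    print(demo())
```

The hardened write treats an existing entry as an error instead of reusing it, so a caller has to decide explicitly whether to remove a stale cache file.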