CVE-2003-0887

Description

ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.

Affected products

• angus_mackay / ez-ipupdate3.0.11b5 – 3.0.11b5
• angus_mackay / ez-ipupdate3.0.11b7 – 3.0.11b7

References

• MISChttp://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?r1=1.4&r2=1.5
• MISChttp://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?rev=1.6