vendor:
Unknown
by:
Unknown
7.5
CVSS
HIGH
Insecure Temporary File Handling Symbolic Link
Unknown
CWE
Product Name: Unknown
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Platforms Tested: Unknown
Unknown
IM-Switch Insecure Temporary File Handling Symbolic Link Vulnerability
The im-switch utility is prone to a local insecure temporary file handling symbolic link vulnerability. This vulnerability occurs due to a design error that allows the application to insecurely write to a temporary file with a predictable file name. An attacker can exploit this vulnerability by creating symbolic links to arbitrary files, which can result in the corruption of these files and potentially lead to privilege escalation or a system-wide denial of service.
Mitigation:
Unknown