RSS   Vulnerabilities for 'Tardiff'   RSS

2016-05-06
 
CVE-2015-0858

 

 
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.

 
 
CVE-2015-0857

 

 
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.

 


Copyright 2024, cxsecurity.com

 

Back to Top