editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file.
CVSS Score
6.9
EPSS Score
0.0
Published
2008-12-08
The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors.
CVSS Score
7.2
EPSS Score
0.0
Published
2005-07-05