CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-7490 – Teradata Studio Express 15.12.00.00 Race Condition
https://notcve.org/view.php?id=CVE-2016-7490
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges. El script de instalación studioexpressinstall para Teradata Studio Express 15.12.00.00 crea archivos en /tmp insecurely. Un usuario local malicioso podría crear un symlink en /tmp y posiblemente golpear archivos de sistemas o quizá elevar privilegios. Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition. • http://www.securityfocus.com/bid/94255 http://www.vapidlabs.com/advisory.php?v=174 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-264: Permissions, Privileges, and Access Controls •