CVE-2010-2056 – Gentoo Linux Security Advisory 201412-08

https://notcve.org/view.php?id=CVE-2010-2056

22 Jul 2010 — GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. GNU gv anterior a v3.7.0 permite a usuarios locales sobrescribir ficheros a su elección mediante un ataque de enlace simbólico en un archivo temporal. This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. • http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043913.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •