MidnightBSD

Advisories for cronic_project

CVE-2016-3992 MEDIUM

cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in /tmp.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
cronic_project cronic 2
opensuse leap 42.1
debian debian_linux 7.0
debian debian_linux 8.0
opensuse opensuse 13.2