The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| vincent_fourmond | pmount | 0.9.18 |