CVE-2015-0858

Published: 06 May 2016

Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.

Priority

Medium

CVSS 3 base score: 3.3

Status

Package Release Status
tardiff
Launchpad, Ubuntu, Debian
Upstream
Released (0.1-3)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(0.1-4)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [0.1-2+deb8u2build0.14.04.1])