CVE-2009-3289

Metadata

CVE-2009-3289
4.4
lists.opensuse.org, openwall.com, vupen.com, bugs.launchpad.net, bugzilla.gnome.org
2009-09-22
2017-06-06 20:21

Description

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.

Related Vulnerabilities

platform vulnerability
CVE-2009-3289 glib2.0
CVE-2009-3289