2005-12-28 02:00:00
mitre
PUBLISHED
The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.