2008-11-18 15:00:00
mitre
PUBLISHED
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file.