Arbitrary File Creation and Overwrite Vulnerability in GNOME Workstation Command Center (gwcc)

Arbitrary File Creation and Overwrite Vulnerability in GNOME Workstation Command Center (gwcc)

CVE-2005-2944 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file.

Learn more about our User Device Pen Test.