Insecure File Creation Vulnerability in Teradata Studio Express 15.12.00.00 Installation Script

Insecure File Creation Vulnerability in Teradata Studio Express 15.12.00.00 Installation Script

CVE-2016-7490 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges.

Learn more about our User Device Pen Test.