Arbitrary File Overwrite Vulnerability in libqb before 1.0.5

Arbitrary File Overwrite Vulnerability in libqb before 1.0.5

CVE-2019-12779 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:C/A:C

libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.

Learn more about our User Device Pen Test.