CVE-2013-1495
Oracle Support Tools < 4.3.2 - Arbitrary File Modification via Symlink Attack
Title source: llmDescription
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Feb/159
Scores
EPSS
0.0040
EPSS Percentile
31.3%
Details
CWE
CWE-59
Status
published
Products (1)
oracle/support_tools
< 4.3.2
Published
Mar 18, 2013
Tracked Since
Feb 18, 2026