VULHUB ™

It is reported that cplay is prone to a local insecure temporary file handling symbolic link vulnerability. This issue is due to a design error that allows the application to insecurely write to a temporary file that is created with a predictable file name. The cplay utility will write to this file before verifying its existence; this would facilitate a symbolic link attack.

It is reported that cplay is prone to a local insecure temporary file handling symbolic link vulnerability. This issue is due to a design error that allows the application to insecurely write to a temporary file that is created with a predictable file name. The cplay utility will write to this file before verifying its existence; this would facilitate a symbolic link attack.