VULHUB ™

The MATLAB Mex script is prone to an issue which may allow local attackers to corrupt files. MATLAB uses the process ID (PID) when naming temporary files. If an attacker can anticipate the name of temporary files created by Mex, then the attacker can place a malicious symbolic link in place of the temporary files. If the symbolic link points to a file which is writeable by the MATLAB user, then they will be corrupted when the Mex script performs any actions on temporary files.

The MATLAB Mex script is prone to an issue which may allow local attackers to corrupt files. MATLAB uses the process ID (PID) when naming temporary files. If an attacker can anticipate the name of temporary files created by Mex, then the attacker can place a malicious symbolic link in place of the temporary files. If the symbolic link points to a file which is writeable by the MATLAB user, then they will be corrupted when the Mex script performs any actions on temporary files.