CVE-2012-6114

Summary

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort.

Affected Software

VendorProductVersion RangeStatus
git-extrasgit-extras1.7.0affected

Weaknesses

  • Symbolic Link Following

ADP Enrichment

CVE Program Container

Additional References

References