Description
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)
WordPress Plugin WPtouch 'wptouch_redirect' Parameter URI Redirection (1.9.32)
PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)
MySQL CVE-2021-35630 Vulnerability (CVE-2021-35630)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)