ID | CVE-2020-1752 | ||||||
Sažetak | A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:L/AC:H/Au:N/C:P/I:P/A:P | ||||||
Zadnje važnije ažuriranje | 07-11-2023 - 03:19 | ||||||
Objavljeno | 30-04-2020 - 17:15 |