Mandriva Linux Security Advisory 2009:245: glib2.0

24

A vulnerability was discovered and corrected in glib2.0:

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory (CVE-2009-3289).

This update provides a solution to this vulnerability…

Read More