Symlink Attack Vulnerability in Qualcomm Qpopper's popauth Utility

Symlink Attack Vulnerability in Qualcomm Qpopper's popauth Utility

CVE-2001-1487 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.

Learn more about our User Device Pen Test.