Arbitrary File Overwrite Vulnerability in Conky 1.8.1 and Earlier

Arbitrary File Overwrite Vulnerability in Conky 1.8.1 and Earlier

CVE-2011-3616 · MEDIUM Severity

AV:L/AC:M/AU:N/C:N/I:C/A:C

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.

Learn more about our User Device Pen Test.