Arbitrary File Deletion Vulnerability in Tunnelblick 3.3beta20 and Earlier
CVE-2012-4676 · LOW Severity
AV:L/AC:H/AU:N/C:N/I:P/A:N
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.
Learn more about our User Device Pen Test.