Description
The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2005-1917 | The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames. |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T22:06:57.658Z
Reserved: 2005-06-08T00:00:00.000Z
Link: CVE-2005-1915
No data.
Status : Modified
Published: 2005-09-02T17:03:00.000
Modified: 2026-06-16T22:13:54.613
Link: CVE-2005-1915
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD