CVE-2020-15397

CVE-2020-15397

HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).

Source: CVE-2020-15397

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다