CVE-2001-1448 Information

Description

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc (2) mgrnt and (3) mgdatasrvr.sc scripts.

Reference

http://www.kb.cert.org/vuls/id/157795 http://www.securityfocus.com/archive/1/246343 https://exchange.xforce.ibmcloud.com/vulnerabilities/10616