CVE-2006-0055

Description

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.

CVSS Version 2.0

nvd
CVE ID: CVE-2006-0055
Base Score: 2.1
Base Severity: LOW
Vector String:AV:L/AC:L/Au:N/C:N/I:P/A:N

Refrence: NVD

Description​

Description