CVE-2012-3361

Priority
Description
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex
(2012.1), and Diablo (2011.3) allows remote authenticated users to
overwrite arbitrary files via a symlink attack on a file in an image.
Notes
tyhicksPer OpenStack Vuln Mgmt Team, all Nova versions are affected
The fix for this CVE was incomplete, see CVE-2012-3447
Package
Source: nova (LP Ubuntu Debian)
Upstream:not-affected (2012.2~f2)
More Information

Updated: 2020-01-29 19:44:26 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)