CVE-2012-3447 (retired)

Priority
Description
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and
Folsom before Folsom-3 allows remote authenticated users to overwrite
arbitrary files via a symlink attack on a file in an image that uses a
symlink that is only readable by root. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2012-3361.
More Information

Updated: 2019-03-26 12:03:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)