CVE-2012-3447

Priority
Description
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and
Folsom before Folsom-3 allows remote authenticated users to overwrite
arbitrary files via a symlink attack on a file in an image that uses a
symlink that is only readable by root. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2012-3361.
Notes
More Information

Updated: 2020-01-28 10:03:09 UTC (commit 565ead026eb090cb0bdaaed390932e869f816142)