CVE-2006-1279
EPSS 0.48%
Description
CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by (1) Driver::File, (2) Driver::db_file, and possibly (3) Driver::sqlite.
How to fix CVE-2006-1279
To remediate CVE-2006-1279, upgrade the affected package to a fixed version below.
- Debian/libcgi-session-perl—upgrade to 4.11-1 or later
Is CVE-2006-1279 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.11-1