CVE-2017-8934 - log back

CVE-2017-8934 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Access restriction bypass
Description
+ The socket placed in /tmp by pcmanfm is predictable and public-writable. Therefore if one user placed a symlink to another socket instead of socket for another user then said another user will either be unable to use pcmanfm, or may send requests to the first user's pcmanfm.
References
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862571
+ https://git.lxde.org/gitweb/?p=lxde/pcmanfm.git;a=commitdiff;h=bc8c3d871e9ecc67c47ff002b68cf049793faf08
Notes