Overview
Some versions of Magic eDeveloper Enterprise Edition contain a symbolic-link vulnerability that allows attackers to overwrite data or execute arbitrary commands.
Description
Magic eDeveloper is a development environment for large-scale and distributed applications. Magic eDeveloper Enterprise Edition versions 8.30-5 and earlier handle temporary files insecurely by not checking for symbolic links. Magic eDeveloper version 9 may also be affected. Magic eDeveloper is reported to trust certain files to contain code safe for execution. The ability to overwrite these files could allow an attacker to supply arbitrary code for execution on the system. |
Impact
Attackers with previously established access to the filesystem may be able to manipulate Magic eDeveloper to write data to arbitrary file locations. Since Magic eDeveloper trusts certain files to contain safe executable code, overwriting these files can cause Magic eDeveloper to run arbitrary malicious code. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Stephan Holtwisch for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
| CVE IDs: | None |
| Severity Metric: | 4.95 |
| Date Public: | 2001-12-17 |
| Date First Published: | 2002-08-05 |
| Date Last Updated: | 2003-04-11 22:15 UTC |
| Document Revision: | 17 |