Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Clang‘GetHTMLRunDir’函数安全漏洞
Vulnerability Description
Clang是美国软件开发者克里斯-拉特纳(Chris Lattner)所研发的一个C、C++、Objective-C和Objective-C++编程语言的编译器前端。 Clang 3.5及之前版本的scan-build工具中的‘GetHTMLRunDir’函数存在安全漏洞。本地攻击者可通过对临时目录实施符号链接攻击利用该漏洞,获取敏感信息或覆盖任意文件。
CVSS Information
N/A
Vulnerability Type
N/A