Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The filename is used even if it has been created by a local adversary before Cadence started. The adversary can leverage this to create or overwrite files via a symlink attack. In some kernel configurations, code injection into the Wine registry is possible.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cadence Design Systems GUI 安全漏洞
Vulnerability Description
Cadence Design Systems GUI是Cadence Design Systems公司的一款图形用户界面(Graphical User Interface),用于支持其电子设计自动化(EDA)软件工具套件。 Cadence Design Systems GUI 0.9.2 及之前版本存在安全漏洞,该漏洞源于使用不安全的/tmp/cadence-wineasio.reg 临时文件,即使是在 Cadence 启动之前创建该文件,也会被使用,攻击者利用该漏洞可以通过符号链接攻击来创建或覆盖文件,
CVSS Information
N/A
Vulnerability Type
N/A