Vulnerability in Opencryptoki_project Opencryptoki

CVE-2012-4454

openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.

EPSS: 0.010 (59.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References