ELSA-2016-0188 -- Oracle sos
|ID: oval:org.secpod.oval:def:1501346||Date: (C)2016-06-02 (M)2018-01-05|
|Class: PATCH||Family: unix|
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system.