CVE-2010-1160

Name of the Vulnerable Software and Affected Versions GNU nano versions prior to 2.2.4

Description The issue allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. This occurs because GNU nano does not verify whether a file has been changed before it is overwritten in a file-save operation.

Recommendations For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue.