Name of the Vulnerable Software and Affected Versions libdb-4 5 (affected versions not specified)

Description The issue allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application using libdb-4 8. This occurs when a DB CONFIG file is present in the current working directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.