CVE-2008-3791

Name of the Vulnerable Software and Affected Versions LXDE GPicView version 0.1.9

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file. This is due to a flaw in the src/main-win.c file of GPicView.

Recommendations For GPicView version 0.1.9, consider restricting access to the /tmp directory to prevent symlink attacks until a patch is available. As a temporary workaround, avoid using GPicView to handle sensitive files or in environments where file integrity is crucial. At the moment, there is no information about a newer version that contains a fix for this vulnerability.