CVE-2012-3329

Name of the Vulnerable Software and Affected Versions IBM Advanced Settings Utility (ASU) versions 3.62 and 3.70 through 9.21 IBM Bootable Media Creator (BoMC) versions 2.30 and 3.00 through 9.21

Description The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file or log file.

Recommendations For IBM Advanced Settings Utility (ASU) versions 3.62 and 3.70 through 9.21, consider restricting access to temporary and log files to prevent arbitrary file overwrites. For IBM Bootable Media Creator (BoMC) versions 2.30 and 3.00 through 9.21, consider restricting access to temporary and log files to prevent arbitrary file overwrites. At the moment, there is no information about a newer version that contains a fix for this vulnerability.