CVE-2012-3484

Name of the Vulnerable Software and Affected Versions Tunnelblick versions 3.3beta20 and earlier

Description The issue allows local users to bypass intended access restrictions and gain privileges. This can be achieved via a user-mountable image or a network share, by exploiting the fact that Tunnelblick relies on a test for specific ownership and permissions to determine whether a program can be safely executed.

Recommendations For Tunnelblick versions 3.3beta20 and earlier, consider restricting access to user-mountable images and network shares to minimize the risk of exploitation. Additionally, review and enforce strict ownership and permissions settings to prevent unauthorized execution of programs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.