CVE-2016-7490

Name of the Vulnerable Software and Affected Versions Teradata Studio Express version 15.12.00.00

Description The issue arises from the insecure creation of files in the /tmp directory by the installation script studioexpressinstall. This could allow a malicious local user to create a symlink in /tmp, potentially leading to the clobbering of system files or elevation of privileges.

Recommendations For Teradata Studio Express version 15.12.00.00, consider restricting access to the /tmp directory to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the studioexpressinstall script in environments where local users could potentially exploit this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.