CVE-2002-0178

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.

Date published : 2003-04-02

http://www.securityfocus.com/bid/4742

http://marc.info/?l=bugtraq&m=103599320902432&w=2