alpine 3.6
misc weakness #17

The software specifies permissions for a security-critical resource in a way that allows the resource to be read or modified by unintended actors.

2

Weakness Breakdown


Warning code(s):

Check when opening files - can an attacker redirect it.

File Name:

./src/CEGUI-0.6.2/src/CEGUIDefaultLogger.cpp

Context:
d_ostream.open(filename.c_str(), std::ios_base::out | (append ? std::ios_base::app : std::ios_base::trunc));

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.