CVE-2014-5255

Опубликовано: 21 нояб. 2019

Источник: debian

EPSS Низкий

Описание

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
xcfa	fixed	5.0.1-1		package

Примечания

Neutralised by kernel temp hardening

EPSS

Процентиль: 25%

0.00088

Низкий

Связанные уязвимости

CVE-2014-5255

CVSS3: 7

ubuntu

около 6 лет назад

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.

CVE-2014-5255

CVSS3: 7

nvd

около 6 лет назад

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.

GHSA-mrc9-9rhm-fccj

CVSS3: 7

github

больше 3 лет назад

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.

EPSS

Процентиль: 25%

0.00088

Низкий