Описание
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.1 (исключая)
cpe:2.3:a:xcfa_project:xcfa:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00111
Низкий
4.7 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 4.7
ubuntu
около 6 лет назад
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.
CVSS3: 4.7
debian
около 6 лет назад
xcfa before 5.0.1 creates temporary files insecurely which could allow ...
CVSS3: 4.7
github
больше 3 лет назад
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files.
EPSS
Процентиль: 30%
0.00111
Низкий
4.7 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-362