Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0027

Опубликовано: 10 янв. 2014
Источник: redhat
CVSS2: 3.6

Описание

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7fliteNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-377
https://bugzilla.redhat.com/show_bug.cgi?id=1048678flite: insecure temporary file use

3.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0027

ubuntu
около 12 лет назад

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.

nvd логотип

CVE-2014-0027

nvd
около 12 лет назад

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.

debian логотип

CVE-2014-0027

debian
около 12 лет назад

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 al ...

github логотип

GHSA-wp3x-6766-qrc3

github
больше 3 лет назад

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.

3.6 Low

CVSS2