CVE-2018-6198

Опубликовано: 23 янв. 2018

Источник: redhat

CVSS3: 4.3

Описание

w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	w3m	Will not fix
Red Hat Enterprise Linux 6	w3m	Will not fix
Red Hat Enterprise Linux 8	w3m	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-377

https://bugzilla.redhat.com/show_bug.cgi?id=1539127w3m: insecure temporary files creation when ~/.w3m is unwritable

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-6198

CVSS3: 4.7

ubuntu

около 8 лет назад

w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.

CVE-2018-6198

CVSS3: 4.7

nvd

около 8 лет назад

w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.

CVE-2018-6198

CVSS3: 4.7

debian

около 8 лет назад

w3m through 0.5.3 does not properly handle temporary files when the ~/ ...

GHSA-gvrg-2xvq-7j38

CVSS3: 4.7

github

больше 3 лет назад

w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.

openSUSE-SU-2019:1142-1

suse-cvrf

почти 7 лет назад

Security update for w3m

4.3 Medium

CVSS3