Описание
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 2:1.4.10-0ubuntu1 |
| feisty | ignored | end of life, was needed |
| gutsy | released | 2:1.4.7-0ubuntu3.1 |
| hardy | released | 2:1.4.9.1-0ubuntu3.1 |
| upstream | released | 1.4.10 |
Показывать по
3.3 Low
CVSS2
Связанные уязвимости
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowse ...
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
3.3 Low
CVSS2