CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Debian: >> Localepurge Security Vulnerabilities

CVE-2014-1638

(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename.

CVSS Score

3.3

EPSS Score

0.001

Published

2014-01-28

Page 1

Vulnerabilities

Vulnerable Software

Debian: >> Localepurge Security Vulnerabilities

Products

Pricing

Contact Us