Page 6 of 51 results (0.006 seconds)
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 1
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 1CVE-2014-1933 – Mandriva Linux Security Advisory 2014-082
https://notcve.org/view.php?id=CVE-2014-1933
15 Apr 2014 — The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes. Los scripts (1) JpegImagePlugin.py y (2) EpsImagePlugin.py en Python Image Library (PIL) 1.1.7 y anteriores y Pillow anterior a 2.3.1 utiliza los nombres de archivos temporales en la línea de comando, lo que facilita a usuarios local... • http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •