1 results (0.004 seconds)
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0027 – Mandriva Linux Security Advisory 2014-032
https://notcve.org/view.php?id=CVE-2014-0027
26 Jan 2014 — The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information. La función play_wave_from_socket en audio/auserver.c en Flite 1.4 permite a usuarios locales modificar archivos de forma arbitraria a través de un ataque simlink en /tmp/awb.wav. NOTA: Algunos de estos detalles fueron obtenidos de información de terceros. The play_wave_from_socket function... • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •