CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2893
https://notcve.org/view.php?id=CVE-2014-2893
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names. La función GetHTMLRunDir en la utilidad scan-build en Clang 3.5 y anteriores permite a usuarios locales obtener información sensible o sobreescribir archivos arbitrarios a través de un ataque symlink sobre directorios temporales con nombres previsibles. • http://lists.opensuse.org/opensuse-updates/2015-02/msg00038.html http://www.openwall.com/lists/oss-security/2014/04/16/2 http://www.openwall.com/lists/oss-security/2014/04/20/1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •