Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0890

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-0890
Last Modified 10 Sep 2008 03:09:09
Published 11 Dec 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0890

Summary

Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.

Vulnerable Systems

Application

  • Sane 1.0.0

  • Sane 1.0.1

  • Sane 1.0.2

  • Sane 1.0.3

  • Sane 1.0.4

  • Sane 1.0.5

  • Sane 1.0.6


References

XF - xsane-temp-symlink(7714)

REDHAT - RHSA-2001:171

BID - 3987


Last Updated: 27 May 2016 10:36:26