Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4617

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2011-4617
Last Modified 31 Jan 2012 11:12:07
Published 30 Dec 2011 08:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2011-4617

Summary

virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.

Vulnerable Systems

Application

  • Python Virtualenv 0.8

  • Python Virtualenv 0.8.1

  • Python Virtualenv 0.8.2

  • Python Virtualenv 0.8.3

  • Python Virtualenv 0.8.4

  • Python Virtualenv 0.9

  • Python Virtualenv 0.9.1

  • Python Virtualenv 0.9.2

  • Python Virtualenv 1.0

  • Python Virtualenv 1.1

  • Python Virtualenv 1.1.1

  • Python Virtualenv 1.2

  • Python Virtualenv 1.3

  • Python Virtualenv 1.3.1

  • Python Virtualenv 1.3.2

  • Python Virtualenv 1.3.3

  • Python Virtualenv 1.3.4

  • Python Virtualenv 1.4

  • Python Virtualenv 1.4.1

  • Python Virtualenv 1.4.2

  • Python Virtualenv 1.4.3

  • Python Virtualenv 1.4.4

  • Python Virtualenv 1.4.5

  • Python Virtualenv 1.4.6

  • Python Virtualenv 1.4.7

  • Python Virtualenv 1.4.8

  • Python Virtualenv 1.4.9


References

CONFIRM - https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5

SECUNIA - 47240

MLIST - [oss-security] 20111219 Re: CVE id request: python-virtualenv

MLIST - [oss-security] 20111219 CVE id request: python-virtualenv

FEDORA - FEDORA-2011-17341

FEDORA - FEDORA-2011-17289


Last Updated: 27 May 2016 10:57:18