Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1934

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2014-1934
Last Modified 09 May 2014 01:20:43
Published 08 May 2014 10:29:14
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1934

Summary

tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.

Vulnerable Systems

Operating System

  • Novell Opensuse 12.3

  • Novell Opensuse 13.1

Application

  • Travis Shirk Eyed3 0.1.0

  • Travis Shirk Eyed3 0.2.0

  • Travis Shirk Eyed3 0.3.0

  • Travis Shirk Eyed3 0.3.1

  • Travis Shirk Eyed3 0.4.0

  • Travis Shirk Eyed3 0.5.0

  • Travis Shirk Eyed3 0.5.1

  • Travis Shirk Eyed3 0.6.0

  • Travis Shirk Eyed3 0.6.1

  • Travis Shirk Eyed3 0.6.10

  • Travis Shirk Eyed3 0.6.11

  • Travis Shirk Eyed3 0.6.12

  • Travis Shirk Eyed3 0.6.13

  • Travis Shirk Eyed3 0.6.14

  • Travis Shirk Eyed3 0.6.15

  • Travis Shirk Eyed3 0.6.16

  • Travis Shirk Eyed3 0.6.17

  • Travis Shirk Eyed3 0.6.18

  • Travis Shirk Eyed3 0.6.2

  • Travis Shirk Eyed3 0.6.3

  • Travis Shirk Eyed3 0.6.4

  • Travis Shirk Eyed3 0.6.5

  • Travis Shirk Eyed3 0.6.6

  • Travis Shirk Eyed3 0.6.8

  • Travis Shirk Eyed3 0.6.9

  • Travis Shirk Eyed3 0.7.3


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1063671

CONFIRM - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737062

SUSE - openSUSE-SU-2014:0620

SUSE - openSUSE-SU-2014:0619


Last Updated: 27 May 2016 11:05:15