Lucene search

[email protected]CVE-2002-1119

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1119

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-1119

python

security vulnerability

symlink attack

code execution

nvd

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.

CPENameOperatorVersion
python:pythonpythonlt2.2.2

CPE	Name	Operator	Version
python:python	python	lt	2.2.2

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-045.0.txt

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000527

mail.python.org/pipermail/python-dev/2002-August/027229.html

marc.info/?l=bugtraq&m=104333092200589&w=2

www.debian.org/security/2002/dsa-159

www.iss.net/security_center/static/10009.php

www.linux-mandrake.com/en/security/2002/MDKSA-2002-082.php

www.redhat.com/support/errata/RHSA-2002-202.html

www.redhat.com/support/errata/RHSA-2003-048.html

www.securityfocus.com/bid/5581

7.2 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2002-1119

openvas4 redhat1 nessus3