Lucene search
MitreCVE-2014-2893HistoryApr 23, 2014 - 3:55 p.m.
CVE-2014-2893
2014-04-2315:55:05
CWE-59
mitre
web.nvd.nist.gov
31
cve-2014-2893
gethtmlrundir
scan-build utility
clang 3.5
symlink attack
sensitive information
overwrite files
nvd
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
Affected configurations
Node
opensuseopensuseMatch13.1
Node
llvmclangRange≤3.5
Related
prion
prion
Information disclosure
2014-04-23 15:55:00
nvd
nvd
CVE-2014-2893
2014-04-23 15:55:05
ubuntucve
ubuntucve
CVE-2014-2893
2014-04-23 00:00:00
debiancve
debiancve
CVE-2014-2893
2014-04-23 15:55:00
nessus
nessus
openSUSE Security Update : llvm (openSUSE-2015-122)
2015-02-10 00:00:00
cvelist
cvelist
CVE-2014-2893
2014-04-23 14:00:00
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2014-2893