Lucene search
HistoryAug 16, 2014 - 4:39 a.m.
CVE-2014-5260
xml-dt
security vulnerability
symlink attack
nvd
cve-2014-5260
6.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/xml##### temporary file.
Affected configurations
Node
xml-dt_projectxml-dtRange≤0.63
ORxml-dt_projectxml-dtMatch0.60
ORxml-dt_projectxml-dtMatch0.61
ORxml-dt_projectxml-dtMatch0.62
Related
securityvulns
securityvulns
[ MDVSA-2014:191 ] perl-XML-DT
2014-10-05 00:00:00
perl-XML-DT symbolic links vulnerability
2014-10-05 00:00:00
ubuntucve
ubuntucve
CVE-2014-5260
2014-08-16 00:00:00
nvd
nvd
CVE-2014-5260
2014-08-16 04:39:55
prion
prion
Design/Logic Flaw
2014-08-16 04:39:00
debiancve
debiancve
CVE-2014-5260
2014-08-16 04:39:55
nessus
nessus
Mandriva Linux Security Advisory : perl-XML-DT (MDVSA-2014:191)
2014-09-30 00:00:00
mageia
mageia
Updated perl-XML-DT package fix CVE-2014-5260
2014-09-26 19:55:04
cvelist
cvelist
CVE-2014-5260
2014-08-16 01:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0390)
2022-01-28 00:00:00
6.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-5260