Lucene search

[email protected]NVD:CVE-2014-3421

HistoryMay 08, 2014 - 10:55 a.m.

CVE-2014-3421

2014-05-0810:55:05

CWE-59

[email protected]

web.nvd.nist.gov

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

8.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.

Affected configurations

NVD

Node

mageia_projectmageiaMatch3

mageia_projectmageiaMatch4

Node

gnuemacsRange≤24.3

gnuemacsMatch20.0

gnuemacsMatch20.1

gnuemacsMatch20.2

gnuemacsMatch20.3

gnuemacsMatch20.4

gnuemacsMatch20.5

gnuemacsMatch20.6

gnuemacsMatch20.7

gnuemacsMatch21

gnuemacsMatch21.1

gnuemacsMatch21.2

gnuemacsMatch21.2.1

gnuemacsMatch21.3

gnuemacsMatch21.3.1

gnuemacsMatch21.4

gnuemacsMatch22.1

gnuemacsMatch22.2

gnuemacsMatch22.3

gnuemacsMatch23.1

gnuemacsMatch23.2

gnuemacsMatch23.3

gnuemacsMatch23.4

gnuemacsMatch24.1

gnuemacsMatch24.2

References

advisories.mageia.org/MGASA-2014-0250.html

debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8

lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html

openwall.com/lists/oss-security/2014/05/07/7

www.mandriva.com/security/advisories?name=MDVSA-2015:117

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

8.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2014-3421

debiancve1 prion1 cvelist1 cve1 ubuntucve1 nessus11 openvas6 fedora1 mageia1 kaspersky1 securityvulns1 rosalinux1