Lucene search
Gentoo FoundationMGASA-2014-0047HistoryFeb 11, 2014 - 12:14 a.m.
Updated flite package fixes CVE-2014-0027
2014-02-1100:14:25
Gentoo Foundation
advisories.mageia.org
13
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS
0
Percentile
5.1%
Updated flite packages fix security vulnerability: The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav (CVE-2014-0027).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | flite | <ย 1.4-2.1 | flite-1.4-2.1.mga3 |
| Mageia | 4 | noarch | flite | <ย 1.4-4.1 | flite-1.4-4.1.mga4 |
Related
nessus
nessus
Mandriva Linux Security Advisory : flite (MDVSA-2014:032)
2014-02-16 00:00:00
Fedora 20 : flite-1.3-21.fc20 (2014-0579)
2014-02-05 00:00:00
Fedora 19 : flite-1.3-20.fc19 (2014-0574)
2014-02-05 00:00:00
prion
prion
Information disclosure
2014-01-26 01:55:00
fedora
fedora
[SECURITY] Fedora 19 Update: flite-1.3-20.fc19
2014-02-05 03:38:40
[SECURITY] Fedora 20 Update: flite-1.3-21.fc20
2014-02-05 03:43:28
cvelist
cvelist
CVE-2014-0027
2014-01-26 01:00:00
securityvulns
securityvulns
[ MDVSA-2014:032 ] flite
2014-02-18 00:00:00
flite symbolic links vulnerability
2014-02-18 00:00:00
debiancve
debiancve
CVE-2014-0027
2014-01-26 01:55:19
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0047)
2022-01-28 00:00:00
seebug
seebug
Flite 'play_wave_from_socket()'ไธๅฎๅ
จไธดๆถๆไปถๅๅปบๆผๆด
2014-02-10 00:00:00
ubuntucve
ubuntucve
CVE-2014-0027
2014-01-26 00:00:00
nvd
nvd
CVE-2014-0027
2014-01-26 01:55:19
cve
cve
CVE-2014-0027
2014-01-26 01:55:19
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS
0
Percentile
5.1%
Related for MGASA-2014-0047