Lucene search
GoogleOSV:DLA-366-1HistoryDec 10, 2015 - 12:00 a.m.
arts - security update
2015-12-1000:00:00
Google
osv.dev
9
0.0004 Low
EPSS
Percentile
5.1%
It has been reported that arts uses the insecure mktemp() function
to create the temporary directory it uses to host user-specific sockets.
It is thus possible for another user to hijack this temporary directory
and gain IPC access it should not have.
In Debian 6 Squeeze, this issue has been addressed in arts
1.5.9-3+deb6u1 with the use of the safer mkdtemp() function.
We recommend that you upgrade your arts packages.
Other Debian releases do not have the arts package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| arts | eq | 1.5.9-3 | |
| arts | eq | 1.5.9-3+avr32 |
References
Related
nessus
nessus
Debian DLA-367-1 : kdelibs security update
2015-12-11 00:00:00
Debian DLA-366-1 : arts security update
2015-12-11 00:00:00
RHEL 5 : arts (Unpatched Vulnerability)
2024-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: arts-1.5.10-30.fc23
2015-12-29 22:27:37
[SECURITY] Fedora 22 Update: kdelibs3-3.5.10-71.fc22
2015-12-30 17:58:01
[SECURITY] Fedora 22 Update: arts-1.5.10-30.fc22
2015-12-30 17:58:09
debiancve
debiancve
CVE-2015-7543
2017-07-25 14:29:00
cvelist
cvelist
CVE-2015-7543
2017-07-25 14:00:00
openvas
openvas
Fedora Update for arts FEDORA-2015-8
2015-12-31 00:00:00
Debian: Security Advisory (DLA-366-1)
2023-03-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3487-1)
2021-06-09 00:00:00
nvd
nvd
CVE-2015-7543
2017-07-25 14:29:00
ubuntucve
ubuntucve
CVE-2015-7543
2017-07-25 00:00:00
debian
debian
[SECURITY] [DLA 367-1] kdelibs security update
2015-12-10 12:00:57
[SECURITY] [DLA 366-1] arts security update
2015-12-10 10:48:59
cve
cve
CVE-2015-7543
2017-07-25 14:29:00
prion
prion
Directory traversal
2017-07-25 14:29:00