Lucene search
GoogleOSV:PYSEC-2014-83HistoryMar 11, 2014 - 7:37 p.m.
PYSEC-2014-83
2014-03-1119:37:00
Google
osv.dev
8
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /tmp/toto.fdf.
Related
prion
prion
Design/Logic Flaw
2014-03-11 19:37:00
cve
cve
CVE-2014-1838
2014-03-11 19:37:00
debiancve
debiancve
CVE-2014-1838
2014-03-11 19:37:00
ubuntucve
ubuntucve
CVE-2014-1838
2014-03-11 00:00:00
github
github
Improper Link Resolution Before File Access in logilab-commons
2022-05-14 02:09:22
osv
osv
Improper Link Resolution Before File Access in logilab-commons
2022-05-14 02:09:22
openvas
openvas
Fedora Update for python-astroid FEDORA-2014-3300
2014-03-20 00:00:00
Fedora Update for pylint FEDORA-2014-3300
2014-03-20 00:00:00
Fedora Update for python-logilab-common FEDORA-2014-3300
2014-03-20 00:00:00
nessus
nessus
fedora
fedora
[SECURITY] Fedora 20 Update: python-astroid-1.0.1-2.fc20
2014-03-19 08:39:48
[SECURITY] Fedora 20 Update: pylint-1.1.0-1.fc20
2014-03-19 08:39:48
[SECURITY] Fedora 20 Update: python-logilab-common-0.61.0-1.fc20
2014-03-19 08:39:49
mageia
mageia
Updated python-logilab-common packages fix security vulnerabilities
2014-03-04 01:37:46
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related for OSV:PYSEC-2014-83