Code injection

2019-12-3022:15:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.1%

JSON

The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).

CPENameOperatorVersion
textproc\\/isearcheq< 1.47.1nb1

CPE	Name	Operator	Version
	textproc\\/isearch	eq	< 1.47.1nb1

References

gnats.netbsd.org/47360

www.openwall.com/lists/oss-security/2012/12/21/2

www.openwall.com/lists/oss-security/2012/12/21/3

access.redhat.com/security/cve/cve-2012-5663

security-tracker.debian.org/tracker/CVE-2012-5663