Vulners
Lucene search
2 matches found
CVE-2014-0027
The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...
3.3CVSS6.1AI score0.00058EPSS
Exploits1
CVE-2014-0027
CVE-2014-0027 affects Flite 1.4. The vulnerability is in play_wave_from_socket (audio/auserver.c) allowing local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. Root cause is insecure handling of /tmp/awb.wav leading to path-traversal via symlink. Impact per NVD: local acces...
3.3CVSS6.1AI score0.00058EPSS
Exploits1References7Affected Software1
20