7 matches found
Mageia: Security Advisory (MGASA-2014-0047)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ MDVSA-2014:032 ] flite
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:032 http://www.mandriva.com/en/support/security/ Package : flite Date : February 14, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in flit...
MGASA-2014-0047 Updated flite package fixes CVE-2014-0027
Updated flite packages fix security vulnerability: The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav CVE-2014-0027...
CVE-2014-0027
The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...
CVE-2014-0027
The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...
CVE-2014-0027
The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...
CVE-2014-0027
CVE-2014-0027 affects Flite 1.4. The vulnerability is in play_wave_from_socket (audio/auserver.c) allowing local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. Root cause is insecure handling of /tmp/awb.wav leading to path-traversal via symlink. Impact per NVD: local acces...