3 matches found
CVE-2024-34490
In Maxima through 5.47.0 before 51704c, the plotting facilities make use of predictable names under /tmp. Thus, the contents may be controlled by a local attacker who can create files in advance with these names. This affects, for example, plot2d...
Linux Distros Unpatched Vulnerability : CVE-2024-34490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Maxima through 5.47.0 before 51704c, the plotting facilities make use of predictable names under /tmp. Thus, the contents may be controlled by a local attack...
CVE-2024-34490
CVE-2024-34490 affects Maxima up to 5.47.0 before 51704c. The plotting facilities (e.g., plot2d) use predictable file names under /tmp, allowing a local attacker to pre-create files and influence contents. This is a local-impact condition as described in multiple connected sources (Red Hat, NVD/o...