CVE-2014-0027
CVE-2014-0027 affects Flite 1.4. The vulnerability is in play_wave_from_socket (audio/auserver.c) allowing local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. Root cause is insecure handling of /tmp/awb.wav leading to path-traversal via symlink. Impact per NVD: local acces...