2 matches found
CVE-2014-5254
CVE-2014-5254 affects xcfa before 5.0.1, where insecure temporary file creation could allow local users to perform a symlink attack and overwrite arbitrary files. Root cause is insecure handling of temporary files. Impact is local: potential file overwrite. Remediation: upgrade to xcfa 5.0.1 or l...
CVE-2014-5255
CVE-2014-5255 affects xcfa prior to 5.0.1. The vulnerability stems from insecure creation of temporary files, enabling a local attacker to perform a symlink attack and overwrite arbitrary files. The provided documents do not specify a patch version or remediation steps, and do not indicate whethe...