Lucene search
Ubuntu.comUB:CVE-2011-0702HistoryFeb 14, 2011 - 12:00 a.m.
CVE-2011-0702
2011-02-1400:00:00
ubuntu.com
ubuntu.com
6
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
The feh_unique_filename function in utils.c in feh before 1.11.2 might
allow local users to overwrite arbitrary files via a symlink attack on a
/tmp/feh_ temporary file.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/feh/+bug/607328>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612035>
- <https://github.com/derf/feh/issues/#issue/32>
- <https://bugzilla.redhat.com/show_bug.cgi?id=676389>
Notes
| Author | Note |
|---|---|
| mdeslaur | maverick+ may be unaffected because of symlink restrictions |
Related
nessus
nessus
Fedora 15 : feh-1.14.1-1.fc15 (2011-8750)
2011-07-05 00:00:00
Fedora 14 : feh-1.14.1-1.fc14 (2011-8747)
2011-07-05 00:00:00
GLSA-201110-08 : feh: Multiple vulnerabilities
2011-10-14 00:00:00
debiancve
debiancve
CVE-2011-0702
2011-02-14 21:00:00
CVE-2011-1031
2011-02-14 22:00:00
cve
cve
CVE-2011-0702
2011-02-14 21:00:00
CVE-2011-1031
2011-02-14 22:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: feh-1.14.1-1.fc15
2011-07-04 18:50:39
[SECURITY] Fedora 14 Update: feh-1.14.1-1.fc14
2011-07-04 18:51:56
prion
prion
Arbitrary file deletion
2011-02-14 21:00:00
Arbitrary file deletion
2011-02-14 22:00:00
openvas
openvas
Fedora Update for feh FEDORA-2011-8750
2011-07-12 00:00:00
Fedora Update for feh FEDORA-2011-8750
2011-07-12 00:00:00
Fedora Update for feh FEDORA-2011-8747
2011-07-08 00:00:00
cvelist
cvelist
CVE-2011-0702
2022-10-03 16:15:20
CVE-2011-1031
2022-10-03 16:15:10
ubuntucve
ubuntucve
CVE-2011-1031
2011-02-14 00:00:00
gentoo
gentoo
feh: Multiple vulnerabilities
2011-10-13 00:00:00
securityvulns
securityvulns
[ GLSA 201110-08 ] feh: Multiple vulnerabilities
2011-10-16 00:00:00
feh multiple security vulnerabilities
2011-10-16 00:00:00
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for UB:CVE-2011-0702