CVE-2001-1593
Published Apr 5, 2014
Last updated 11 years ago
Overview
- Description
- The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-59
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:a2ps:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA3A3E96-6573-4785-8DFD-73E0F120EB8B",
"versionEndIncluding": "4.14"
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.10.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEF2642F-970D-47B9-87E9-8EA93DD224E7"
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AC41BEF-3162-4E0A-BD3E-B4DBDEA149BF"
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "874CD4BB-D4FF-40E5-A38A-F9445ABBC39C"
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC69D9F0-0F97-43AA-929D-432865098239"
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.13b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59EB22BD-FA9C-4715-A948-3309E3AD1F85"
}
],
"operator": "OR"
}
]
}
]