- Description
- lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:N/A:N
- Hype score
- Not currently trending
- Red HatRed Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A423B773-6B8B-4BA3-80A1-C8CAEF4D9BBE"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49"
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C"
}
],
"operator": "OR"
}
]
}
]