CVE-2014-2277CVE-2014-2277

Affected configuration(s):

cpe:/a:perltidy_project:perltidy:20120701-1

Date published: 2017-10-17T11:29:00.183-04:00

Date last modified: 2017-11-08T12:23:33.057-05:00

CVSS Score: 3.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130464.html

Summary: The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.