CVE-2014-1934

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-1934
tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 3.4 / Impact : 4.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://lists.opensuse.org/opensuse-updates/2014-05/msg00027.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00028.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737062
https://bugzilla.redhat.com/show_bug.cgi?id=1063671
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:travis_shirk:eyed3:*:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.0:-:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.13:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.14:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.16:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.17:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.7.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
History

No history.

Information

Published : 2014-05-08 14:29

Updated : 2023-12-10 11:31

NVD link : CVE-2014-1934

Mitre link : CVE-2014-1934

CVE.ORG link : CVE-2014-1934

JSON object : View

Products Affected

travis_shirk

  • eyed3

opensuse

  • opensuse
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')