tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:N/I:P/A:P
Vendors Products
Travis Shirk
  • Eyed3
Opensuse
  • Opensuse

Configuration 1 [-]

OR cpe:2.3:a:travis_shirk:eyed3:*:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.0:-:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.13:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.14:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.16:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.6.17:*:*:*:*:*:*:*
cpe:2.3:a:travis_shirk:eyed3:0.7.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-updates/2014-05/msg00027.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00028.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737062
https://bugzilla.redhat.com/show_bug.cgi?id=1063671
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-05-08T14:00:00

Updated: 2014-05-08T13:57:00

Reserved: 2014-02-10T00:00:00

Link: CVE-2014-1934

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2014-05-08T14:29:14.470

Modified: 2018-10-30T16:27:34.687

Link: CVE-2014-1934

JSON object: View

cve-icon Redhat Information

No data.

CWE