Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv2

CVE-2014-1839

Published: 11/03/2014 Updated: 30/10/2018
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Opensuse

Vulnerability Summary

The Execute class in shellutils in logilab-commons prior to 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensuse opensuse 12.3

opensuse opensuse 13.1

logilab logilab-common

Vendor Advisories

Debian CVElist Bug Report Logs: python-logilab-common: insecure use of /tmp (CVE-2014-1838 CVE-2014-1839)
Debian Bug report logs - #737051 python-logilab-common: insecure use of /tmp (CVE-2014-1838 CVE-2014-1839) Package: python-logilab-common; Maintainer for python-logilab-common is Sandro Tosi <morph@debianorg>; Source for python-logilab-common is src:logilab-common (PTS, buildd, popcon) Reported by: Jakub Wilk <jwilk@debi ...

References

NVD-CWE-noinfohttp://lists.opensuse.org/opensuse-updates/2014-02/msg00085.htmlhttp://www.logilab.org/ticket/207562http://secunia.com/advisories/57209https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051http://comments.gmane.org/gmane.comp.security.oss.general/11986https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook