Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv2

CVE-2014-5260

Published: 16/08/2014 Updated: 08/09/2014
CVSS v2 Base Score: 6.3 | Impact Score: 9.2 | Exploitability Score: 3.4
VMScore: 561
Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Subscribe to Xml-dt Project

Vulnerability Summary

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT prior to 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xml-dt project xml-dt 0.60

xml-dt project xml-dt 0.62

xml-dt project xml-dt

xml-dt project xml-dt 0.61

Vendor Advisories

Debian CVElist Bug Report Logs: libxml-dt-perl: Insecure use of temporary files (CVE-2014-5260)
Debian Bug report logs - #756566 libxml-dt-perl: Insecure use of temporary files (CVE-2014-5260) Package: libxml-dt-perl; Maintainer for libxml-dt-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libxml-dt-perl is src:libxml-dt-perl (PTS, buildd, popcon) Reported by: Steve Kemp <steve@s ...

References

CWE-59http://openwall.com/lists/oss-security/2014/08/15/8https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/https://metacpan.org/source/AMBS/XML-DT-0.66/Changeshttps://bugs.debian.org/756566https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756566https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook