oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: rawstudio: Insecure use of temporary file

From: cve-assign () mitre org
Date: Wed, 16 Jul 2014 13:43:58 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


rs_filter_graph in librawstudio/rs-filter.c

/tmp/rs-filter-graph
/tmp/rs-filter-graph.png

This allows the truncation of arbitrary files


Use CVE-2014-4978.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTxrkkAAoJEKllVAevmvms1ZQH/1CXZsXAyu4nHm/i3NhxkYFy
XGaEFEWDLOzv1u6FhR1l74NjnPJYus7LyAlFFsicxclDVBUklZMsDfgAjPv0HBOO
akcZOMrTZIhUfZJSHSaB5ps0ocdSy/dHtK0jn3b1p4hOgCqcR9SFvYSykSyLbz7z
tVn4KJq7RWb99rBrOVhqEahzI+uZCeCvSM+PGSMS4bCo7dnJ++nL8WmWCQzmOYs5
jN/4BrUGd+w1m74jJAzm0Fu8M8NKcctcmE+64GuOoXrib+kph0PLkH5ouhcjW1I0
8/UpGBl5xkM14yqCfG3ZegeKJGBdNLAzb+3wEl0ftcPPsz7qCSrvhJ4A562u6GI=
=Er9a
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: