CVE-2014-5255

Summary

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. Note: A different vulnerability than CVE-2014-5254.

Affected Software

VendorProductVersion RangeStatus
xcfaxcfa4.3.8-1affected

Weaknesses

  • Symbolic Link Following

ADP Enrichment

CVE Program Container

Additional References

References