[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-302 ---- numpy

ID: oval:org.secpod.oval:def:1600100Date: (C)2016-01-05   (M)2022-10-10
Class: PATCHFamily: unix




f2py insecurely uses a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py.

Platform:
Amazon Linux AMI
Product:
numpy
Reference:
ALAS-2014-302
CVE-2014-1858
CVE-2014-1859
CVE    2
CVE-2014-1858
CVE-2014-1859
CPE    2
cpe:/o:amazon:linux
cpe:/a:numpy:numpy

© SecPod Technologies