(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-07-17 14:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-3355
Mitre link : CVE-2012-3355
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
gnome
- rhythmbox