CVE-2014-1859

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:numpy:numpy:*:*:*:*:*:*:*:*
cpe:2.3:a:numpy:numpy:1.8.1:rc1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Information

Published : 2018-01-08 11:29

Updated : 2019-04-22 10:48


NVD link : CVE-2014-1859

Mitre link : CVE-2014-1859


JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

dedicated server usa

Products Affected

fedoraproject

  • fedora

numpy

  • numpy

redhat

  • enterprise_linux