Description
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-344.html
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-500
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16027
Scores
EPSS
0.0012
EPSS Percentile
30.6%
Details
Status
published
Products (1)
gnu/flim
< 1.14.2
Published
Jul 07, 2004
Tracked Since
Feb 18, 2026