CVE-2012-2093
Gajim 0.15 - Arbitrary File Overwrite via Symlink Attack on Temporary Latex File
Title source: llmDescription
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
References (12)
Core 12
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/04/10/6
Various Sources x_refsource_confirm
http://hg.gajim.org/gajim/rev/f046e4aaf7d4
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53017
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48794
Various Sources x_refsource_confirm
https://trac.gajim.org/changeset/13759/src/common/latex.py
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201208-04.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74869
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48695
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/04/10/15
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html
Scores
EPSS
0.0036
EPSS Percentile
27.2%
Details
CWE
CWE-59
Status
published
Products (1)
gajim/gajim
0.15
Published
May 18, 2012
Tracked Since
Feb 18, 2026