MidnightBSD

Advisories for xml-dt_project

CVE-2014-5260 MEDIUM

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
xml-dt_project xml-dt 0.62
xml-dt_project xml-dt 0.61
xml-dt_project xml-dt 0.60
xml-dt_project xml-dt *