CVE-2014-1935

Exploit

EPSS 0.47%
Published 21.11.2019 15:15:11
Last modified 21.11.2024 02:05:18
Source cve@mitre.org
Teams watchlist Login
Open Login

9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

9base Project ≫ 9base Version1:6-6

9base Project ≫ 9base Version1:6-7

Debian ≫ Debian Linux Version8.0

Debian ≫ Debian Linux Version9.0

Debian ≫ Debian Linux Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.47%	0.619

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.openwall.com/lists/oss-security/2014/02/11/1

Third Party Advisory

Mailing List

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737206

Third Party Advisory

Exploit

Issue Tracking

https://security-tracker.debian.org/tracker/CVE-2014-1935

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-1935

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-1935

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-1935

EUVD