Oval Definition:	oval:org.opensuse.security:def:20141624
Revision Date: 2022-09-02 Version: 1 Title: CVE-2014-1624 Description: Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-1624 Mitre CVE-2014-1624 SUSE CVE-2014-1624 SUSE-SU-2019:2719-1 SUSE-SU-2019:2719-1 SUSE-SU-2019:2719-2 SUSE-SU-2019:2719-2 Platform(s): SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 Product(s): Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND python-xdg-0.25-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND python-xdg-0.25-9.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND python-xdg-0.25-9.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 is installed AND python-xdg is not affected OR Package Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 is installed OR SUSE Linux Enterprise Server 12 is installed AND python-xdg is not affected OR Package Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 is installed AND python-xdg is not affected OR Package Information SUSE Linux Enterprise Desktop 12 SP4 is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND python-xdg-0.25-9.3.1 is installed
BACK