Candidate: CVE-2014-4978
PublicDate: 2017-12-29 22:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4978
Description:
 The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might
 allow local users to truncate arbitrary files via a symlink attack on (1)
 /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754899
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N [5.5 MEDIUM]

Tags_rawstudio: symlink-restriction
Patches_rawstudio:
upstream_rawstudio: needs-triage
lucid_rawstudio: ignored (reached end-of-life)
precise_rawstudio: ignored (reached end-of-life)
precise/esm_rawstudio: DNE (precise was needs-triage)
trusty_rawstudio: ignored (reached end-of-life)
trusty/esm_rawstudio: DNE (trusty was needs-triage)
utopic_rawstudio: DNE
vivid_rawstudio: DNE
vivid/stable-phone-overlay_rawstudio: DNE
vivid/ubuntu-core_rawstudio: DNE
wily_rawstudio: DNE
xenial_rawstudio: DNE
yakkety_rawstudio: DNE
zesty_rawstudio: DNE
artful_rawstudio: DNE
bionic_rawstudio: DNE
cosmic_rawstudio: DNE
disco_rawstudio: DNE
devel_rawstudio: DNE