CVE-2014-5255

Priority
Description
xcfa before 5.0.1 creates temporary files insecurely which could allow
local users to launch a symlink attack and overwrite arbitrary files. Note:
A different vulnerability than CVE-2014-5254.
Notes
Package
Source: xcfa (LP Ubuntu Debian)
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (5.0.1-1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.1-1)
Ubuntu 19.04 (Disco Dingo):not-affected (5.0.1-1)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.1-1)
More Information

Updated: 2019-12-05 21:07:25 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)