Description

os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.

Remediation

References

CVE-2002-1119

Related Vulnerabilities

ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256)

WordPress Plugin Participants Database Multiple Vulnerabilities (1.7.5.3)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7)

WordPress Plugin Loco Translate Unspecified Vulnerability (2.5.4)

PHP Improper Handling of Exceptional Conditions Vulnerability (CVE-2014-1943)

Severity

Medium

Classification

CVE-2002-1119

Tags

Missing Update Known Vulnerabilities