CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
5.1%
Package : scheme48
Version : 1.8+dfsg-1+deb6u1
CVE ID : CVE-2014-4150
Debian Bug : #748766
The function scheme48-send-definition
in cmuscheme48.el blindly
overwrites the file /tmp/s48lose.tmp prior to sending it to the
inferior <scheme process.
This action will blindly overwrite files the user has permission
to modify, causing data-loss.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | all | cmuscheme48-el | < 1.8+dfsg-1+deb7u1 | cmuscheme48-el_1.8+dfsg-1+deb7u1_all.deb |
Debian | 6 | i386 | scheme48 | < 1.8+dfsg-1+deb6u1 | scheme48_1.8+dfsg-1+deb6u1_i386.deb |
Debian | 7 | all | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_all.deb |
Debian | 7 | ia64 | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_ia64.deb |
Debian | 7 | sparc | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_sparc.deb |
Debian | 7 | s390 | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_s390.deb |
Debian | 7 | armel | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_armel.deb |
Debian | 7 | i386 | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_i386.deb |
Debian | 7 | s390x | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_s390x.deb |
Debian | 7 | kfreebsd-i386 | scheme48 | < 1.8+dfsg-1+deb7u1 | scheme48_1.8+dfsg-1+deb7u1_kfreebsd-i386.deb |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
5.1%