Vulnerability in Python Virtualenv
CVE-2011-4617
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.
EPSS: 0.000 (11.6th percentile) — read the EPSS interpretation.
Affected products
- Python Virtualenv — versions 0.8, 0.8.1, 0.8.2
- N/a — versions n/a
Weakness classification (CWE)
References
- 47240 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- [oss-security] 20111219 Re: CVE id request: python-virtualenv (mailing-list, x_refsource_MLIST)
- [oss-security] 20111219 CVE id request: python-virtualenv (mailing-list, x_refsource_MLIST)
- FEDORA-2011-17289 (x_refsource_FEDORA, vendor-advisory)
- FEDORA-2011-17341 (x_refsource_FEDORA, vendor-advisory)
- [oss-security] 20111219 Re: CVE id request: python-virtualenv (mailing-list, x_refsource_MLIST)