Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
XSane临时文件创建方式不安全
Vulnerability Description
XSane应用程序是一个SANE(Scanner Access Now Easy)库的基于X11的gtk前端,用于连接扫描仪。XSane可通过扫描仪和照相机等设备获得图象。 在扫描图象或与SANE(真正执行扫描进程的后台应用程序)通信时,XSane在图象预览和保存时会在/tmp中创建临时文件。 然而XSane使用mktemp(3)来创建临时文件,这些临时文件名很容易预测(参见mktemp(3)man手册的BUGS小节)。本地攻击者可以通过创建大量符号链接,使其指向运行XSane的用户有写权限的文件,就可能
CVSS Information
N/A
Vulnerability Type
N/A