Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2053 to the following vulnerability: Name: CVE-2010-2053 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2053 Assigned: 20100525 Reference: MLIST:[oss-security] 20100529 Fwd: emesene preditable temporary filename Reference: URL: http://marc.info/?l=oss-security&m=127514641525366&w=2 Reference: CONFIRM: http://forum.emesene.org/index.php?topic=3441.0 Reference: CONFIRM: http://www.emesene.org/ Reference: OSVDB:65018 Reference: URL: http://osvdb.org/65018 Reference: SECUNIA:39945 Reference: URL: http://secunia.com/advisories/39945 Reference: XF:emesene-emsnpic-symlink(59045) Reference: URL: http://xforce.iss.net/xforce/xfdb/59045 emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file.
Created emesene tracking bugs for this issue Affects: fedora-all [bug 601402]
emesene-1.6.2-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/emesene-1.6.2-1.fc12
emesene-1.6.2-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/emesene-1.6.2-1.fc13
emesene-1.6.2-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/emesene-1.6.2-1.fc11
emesene-1.6.2-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
emesene-1.6.2-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
emesene-1.6.2-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.