CVE-2011-4617

{"id": "CVE-2011-4617", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-12-31T01:55:00.860", "references": [{"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071638.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071643.html", "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/2", "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/4", "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/5", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/47240", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071638.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071643.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/4", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2011/12/19/5", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/47240", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/."}, {"lang": "es", "value": "virtualenv.py en virtualenv antes de v1.5 permite a usuarios locales sobreescribir archivos de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico en un archivo concreto en /tmp/."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:python:virtualenv:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "882DAFE6-B0C3-43AA-A1DC-6344416DAC6C", "versionEndIncluding": "1.4.9"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20F09E53-183F-4FDA-8D0D-75157577F7C1"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2315DDB3-A7B4-4C1F-8F7F-65F9BDA58143"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "640993E8-ACDC-4BDC-B90A-6A5086684B5A"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C26475D6-E3B5-4BFE-ABCB-00FF1BF775F9"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BCBE048-CF77-41DD-BE33-627CC1BFC269"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01394686-5868-4D76-98D9-704A4C47496A"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81602D91-34A2-435B-BFAB-8E2F6F13CAD6"}, {"criteria": "cpe:2.3:a:python:virtualenv:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD4AA790-396B-4601-934A-C79805710EB7"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70DFD1E2-6F0C-473B-9AF8-145AFDA04F44"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AAA20A0-FB21-45A2-9955-61C57609D56B"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEFF343E-36F9-49FB-AD81-FA5826E3A38E"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8A81F15-879F-4756-B62D-882E2AF9836E"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D63484A0-262D-458C-8FFF-6130505C1467"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDE7D9B3-307F-4990-8A71-9351B72C8D4E"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4152B38F-6A2F-4DD1-94D8-9F15BF3C0B56"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1010E6AD-18E5-48C8-AACC-3B37A028A3E8"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D007BF26-E711-448A-A6DB-1BAEA1B1F7BE"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46930F4B-242B-4488-BE6B-56DCC6CA71D0"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91312611-4426-4421-8FAF-DAD0481E6CC6"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "535403D2-BB8A-43C6-BD1E-59186E3FDB4A"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD51D1A0-ECC4-4B6D-BF84-00226D2E4169"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C3685F4-EF62-48AD-B377-305A3C6C55E9"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26E60D71-9DD3-4E57-9E4A-4738C32FDED9"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D015A6E2-E45D-4F76-83E8-C6E8A700032B"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "699F024D-AA72-46A2-A1FA-354F9E1A5595"}, {"criteria": "cpe:2.3:a:python:virtualenv:1.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59CAEC32-7D87-4689-AD6D-A43840B7B547"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}