tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.
2014-05-08T14:29:14.470
2025-04-12T10:46:40.837
Deferred
CVSSv2: 3.3 (LOW)
AV:L/AC:M/Au:N/C:N/I:P/A:P
3.4
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | travis_shirk | eyed3 | ≤ 0.6.18 | Yes |
| Application | travis_shirk | eyed3 | 0.1.0 | Yes |
| Application | travis_shirk | eyed3 | 0.2.0 | Yes |
| Application | travis_shirk | eyed3 | 0.3.0 | Yes |
| Application | travis_shirk | eyed3 | 0.3.1 | Yes |
| Application | travis_shirk | eyed3 | 0.4.0 | Yes |
| Application | travis_shirk | eyed3 | 0.5.0 | Yes |
| Application | travis_shirk | eyed3 | 0.5.1 | Yes |
| Application | travis_shirk | eyed3 | 0.6.0 | Yes |
| Application | travis_shirk | eyed3 | 0.6.0 | Yes |
| Application | travis_shirk | eyed3 | 0.6.1 | Yes |
| Application | travis_shirk | eyed3 | 0.6.2 | Yes |
| Application | travis_shirk | eyed3 | 0.6.3 | Yes |
| Application | travis_shirk | eyed3 | 0.6.4 | Yes |
| Application | travis_shirk | eyed3 | 0.6.5 | Yes |
| Application | travis_shirk | eyed3 | 0.6.6 | Yes |
| Application | travis_shirk | eyed3 | 0.6.8 | Yes |
| Application | travis_shirk | eyed3 | 0.6.9 | Yes |
| Application | travis_shirk | eyed3 | 0.6.10 | Yes |
| Application | travis_shirk | eyed3 | 0.6.11 | Yes |
| Application | travis_shirk | eyed3 | 0.6.12 | Yes |
| Application | travis_shirk | eyed3 | 0.6.13 | Yes |
| Application | travis_shirk | eyed3 | 0.6.14 | Yes |
| Application | travis_shirk | eyed3 | 0.6.15 | Yes |
| Application | travis_shirk | eyed3 | 0.6.16 | Yes |
| Application | travis_shirk | eyed3 | 0.6.17 | Yes |
| Application | travis_shirk | eyed3 | 0.7.3 | Yes |
| Operating System | opensuse | opensuse | 12.3 | Yes |
| Operating System | opensuse | opensuse | 13.1 | Yes |