virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 1.2 | LOW | AV:L/AC:H/Au:N/C:N/I:P/A:N |
| CWE ID | Type | Source |
|---|---|---|
| CWE-59 | Primary | nvd@nist.gov |