Python pip CVE-2013-1888 Insecure Temporary File Creation Vulnerability

Python pip is prone to an insecure temporary file-creation vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible.

Python pip 1.3.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus