Unrated severityNVD Advisory· Published Jan 28, 2014· Updated Jun 17, 2026
CVE-2014-1639
CVE-2014-1639
Description
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.3.99.7
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.