CVE-2020-17534 – There exists a race condition between the deletion of the temporary file and the creation …

11 January 2021

Vuln ID: CVE-2020-17534

Published: 2021-01-11 16:15:14Z

Description: There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows theirs: To avoid local privilege escalation version 1.7.1 creates the temporary directory atomically without dealing with the temporary file: https://github.com/apache/netbeans-html4j/commit/fa70e507e5555e1adb4f6518479fc408a7abd0e6

Source: NVD.NIST.GOV

Date:

11 January 2021

Categorie(s):

NVD

Tag(s):

NVD

How To Connect via OpenVPN on Ubuntu19 April 2024
Attacks against SAP apps on the rise19 April 2024
New Five Eyes AI security guidelines unveiled19 April 2024
French hospital impacted by cyberattack19 April 2024
More data broker regulation needed in draft privacy bill19 April 2024