{
  "modified": "2025-08-09T19:01:29Z",
  "published": "2014-08-16T04:39:55Z",
  "id": "CVE-2014-5260",
  "details": "The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.",
  "references": [
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/08/15/8"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/756566"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/\u0026source=AMBS/XML-DT-0.63/"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes"
    }
  ]
}