Total
1248 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5377 | 1 Apple | 1 Cups | 2025-04-09 | 6.9 MEDIUM | N/A |
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | |||||
CVE-2008-1832 | 1 Cecilia | 1 Cecilia | 2025-04-09 | 3.3 LOW | N/A |
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file. | |||||
CVE-2008-3329 | 1 Twibright | 1 Links | 2025-04-09 | 9.3 HIGH | N/A |
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." | |||||
CVE-2008-0732 | 2 Apache, Suse | 2 Geronimo, Suse Linux | 2025-04-09 | 2.1 LOW | N/A |
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. | |||||
CVE-2008-4973 | 1 Debian | 1 Myspell | 2025-04-09 | 6.9 MEDIUM | N/A |
i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files. | |||||
CVE-2008-5151 | 1 Abottoms | 1 Mayavi | 2025-04-09 | 6.9 MEDIUM | N/A |
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file. | |||||
CVE-2008-5378 | 1 Lehrstuhl Fur Mikrobiologie | 1 Arb | 2025-04-09 | 6.9 MEDIUM | N/A |
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file. | |||||
CVE-2008-3456 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | 6.4 MEDIUM | N/A |
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack. | |||||
CVE-2009-1526 | 1 Jbmc-software | 1 Directadmin | 2025-04-09 | 6.9 MEDIUM | N/A |
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action. | |||||
CVE-2008-5368 | 1 Lukas Ruf | 1 Muttprint | 2025-04-09 | 6.9 MEDIUM | N/A |
muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | |||||
CVE-2008-3791 | 1 Lxde | 1 Lightweight X11 Desktop Environment | 2025-04-09 | 4.6 MEDIUM | N/A |
src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file. | |||||
CVE-2008-5375 | 1 Cmus | 1 Cmus | 2025-04-09 | 6.9 MEDIUM | N/A |
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | |||||
CVE-2008-5380 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 6.9 MEDIUM | N/A |
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959. | |||||
CVE-2009-4030 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-09 | 4.4 MEDIUM | N/A |
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. | |||||
CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2025-04-09 | 6.9 MEDIUM | N/A |
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | |||||
CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | 7.5 HIGH | N/A |
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | |||||
CVE-2008-5312 | 1 Mailscanner | 1 Mailscanner | 2025-04-09 | 6.9 MEDIUM | N/A |
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140. | |||||
CVE-2008-0806 | 1 Paul Pelzl | 1 Wyrd | 2025-04-09 | 3.6 LOW | N/A |
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | |||||
CVE-2008-3930 | 1 Debian | 1 Citadel Server | 2025-04-09 | 6.9 MEDIUM | N/A |
migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2008-5157 | 1 Uoregon | 1 Tau | 2025-04-09 | 6.9 MEDIUM | N/A |
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. |