Vulnerabilities (CVE)

Filtered by CWE-59
Total 1248 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5377 1 Apple 1 Cups 2025-04-09 6.9 MEDIUM N/A
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
CVE-2008-1832 1 Cecilia 1 Cecilia 2025-04-09 3.3 LOW N/A
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
CVE-2008-3329 1 Twibright 1 Links 2025-04-09 9.3 HIGH N/A
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
CVE-2008-0732 2 Apache, Suse 2 Geronimo, Suse Linux 2025-04-09 2.1 LOW N/A
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
CVE-2008-4973 1 Debian 1 Myspell 2025-04-09 6.9 MEDIUM N/A
i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.
CVE-2008-5151 1 Abottoms 1 Mayavi 2025-04-09 6.9 MEDIUM N/A
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file.
CVE-2008-5378 1 Lehrstuhl Fur Mikrobiologie 1 Arb 2025-04-09 6.9 MEDIUM N/A
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file.
CVE-2008-3456 1 Phpmyadmin 1 Phpmyadmin 2025-04-09 6.4 MEDIUM N/A
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
CVE-2009-1526 1 Jbmc-software 1 Directadmin 2025-04-09 6.9 MEDIUM N/A
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
CVE-2008-5368 1 Lukas Ruf 1 Muttprint 2025-04-09 6.9 MEDIUM N/A
muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file.
CVE-2008-3791 1 Lxde 1 Lightweight X11 Desktop Environment 2025-04-09 4.6 MEDIUM N/A
src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.
CVE-2008-5375 1 Cmus 1 Cmus 2025-04-09 6.9 MEDIUM N/A
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file.
CVE-2008-5380 1 Gpsdrive 1 Gpsdrive 2025-04-09 6.9 MEDIUM N/A
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959.
CVE-2009-4030 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-09 4.4 MEDIUM N/A
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
CVE-2008-5148 1 Geda 1 Gnetlist 2025-04-09 6.9 MEDIUM N/A
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-0870 2 Bea Systems, Oracle 2 Weblogic Portal, Weblogic Portal 2025-04-09 7.5 HIGH N/A
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
CVE-2008-5312 1 Mailscanner 1 Mailscanner 2025-04-09 6.9 MEDIUM N/A
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.
CVE-2008-0806 1 Paul Pelzl 1 Wyrd 2025-04-09 3.6 LOW N/A
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
CVE-2008-3930 1 Debian 1 Citadel Server 2025-04-09 6.9 MEDIUM N/A
migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2008-5157 1 Uoregon 1 Tau 2025-04-09 6.9 MEDIUM N/A
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.