Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-1031 | 1 Feh Project | 1 Feh | 2024-02-04 | 3.3 LOW | N/A |
The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to create arbitrary files via a symlink attack on a /tmp/feh_ temporary file, a different vulnerability than CVE-2011-0702. | |||||
CVE-2010-2431 | 1 Apple | 1 Cups | 2024-02-04 | 2.6 LOW | N/A |
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | |||||
CVE-2011-0007 | 1 Troglobit | 1 Pimd | 2024-02-04 | 3.3 LOW | N/A |
pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent. | |||||
CVE-2011-2473 | 1 Maynard Johnson | 1 Oprofile | 2024-02-04 | 6.3 MEDIUM | N/A |
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760. | |||||
CVE-2011-0541 | 1 Fuse | 1 Fuse | 2024-02-04 | 3.3 LOW | N/A |
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. | |||||
CVE-2011-4060 | 1 Qnx | 1 Neutrino Rtos | 2024-02-04 | 3.3 LOW | N/A |
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack. | |||||
CVE-2011-0441 | 1 Php | 1 Php | 2024-02-04 | 6.3 MEDIUM | N/A |
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. | |||||
CVE-2010-0439 | 1 Chip Salzenberg | 1 Deliver | 2024-02-04 | 6.9 MEDIUM | N/A |
Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | |||||
CVE-2011-4105 | 1 Robert Ancell | 1 Lightdm | 2024-02-04 | 1.9 LOW | N/A |
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority. | |||||
CVE-2011-3204 | 1 Geoff Wong | 1 Hammerhead | 2024-02-04 | 3.3 LOW | N/A |
hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/hammer.log (aka the HH_LOG file) or (2) the REPORT_LOG file. | |||||
CVE-2009-5081 | 1 Gnu | 1 Groff | 2024-02-04 | 3.3 LOW | N/A |
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969. | |||||
CVE-2011-4617 | 1 Python | 1 Virtualenv | 2024-02-04 | 1.2 LOW | N/A |
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. | |||||
CVE-2010-3847 | 1 Gnu | 1 Glibc | 2024-02-04 | 6.9 MEDIUM | N/A |
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. | |||||
CVE-2009-5044 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2024-02-04 | 3.3 LOW | N/A |
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | |||||
CVE-2010-2056 | 1 Gnu | 1 Gv | 2024-02-04 | 3.3 LOW | N/A |
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2011-0402 | 1 Debian | 1 Dpkg | 2024-02-04 | 6.8 MEDIUM | N/A |
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory. | |||||
CVE-2010-4337 | 1 Gnu | 1 Gnash | 2024-02-04 | 3.3 LOW | N/A |
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. | |||||
CVE-2010-1160 | 1 Gnu | 1 Nano | 2024-02-04 | 1.9 LOW | N/A |
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. | |||||
CVE-2010-2053 | 1 Emesene | 1 Emesene | 2024-02-04 | 3.3 LOW | N/A |
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file. | |||||
CVE-2010-0787 | 1 Samba | 1 Samba | 2024-02-04 | 4.4 MEDIUM | N/A |
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. |