Total
1092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4935 | 1 Amiga | 1 Aview | 2024-02-04 | 6.9 MEDIUM | N/A |
asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file. | |||||
CVE-2009-0321 | 2 Apple, Microsoft | 2 Safari, Windows | 2024-02-04 | 4.3 MEDIUM | N/A |
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence. | |||||
CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2024-02-04 | 6.9 MEDIUM | N/A |
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2008-5743 | 1 Pdfjam | 1 Pdfjam | 2024-02-04 | 6.9 MEDIUM | N/A |
pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2008-4474 | 1 Freeradius | 1 Freeradius | 2024-02-04 | 7.2 HIGH | N/A |
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct. | |||||
CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2024-02-04 | 6.2 MEDIUM | N/A |
freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | |||||
CVE-2008-6397 | 1 Alcovebook | 1 Sgml2x | 2024-02-04 | 4.4 MEDIUM | N/A |
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2008-5141 | 1 Dann Frazier | 1 Flamethrower | 2024-02-04 | 6.9 MEDIUM | N/A |
flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file. | |||||
CVE-1999-1593 | 1 Microsoft | 3 Windows 2000, Windows 95, Windows 98 | 2024-02-04 | 7.6 HIGH | N/A |
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. | |||||
CVE-2008-4985 | 1 Cadsoft | 1 Vdr | 2024-02-04 | 6.9 MEDIUM | N/A |
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file. | |||||
CVE-2008-4937 | 1 Openoffice | 1 Openoffice.org | 2024-02-04 | 2.6 LOW | N/A |
senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file. | |||||
CVE-2008-6552 | 2 Fedoraproject, Redhat | 5 Fedora, Cluster Project, Cman and 2 more | 2024-02-04 | 6.9 MEDIUM | N/A |
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | |||||
CVE-2008-3227 | 1 Joomla | 1 Joomla | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | |||||
CVE-2008-4968 | 1 Bitmover | 1 Lmbench | 2024-02-04 | 6.9 MEDIUM | N/A |
The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file. | |||||
CVE-2008-5313 | 1 Mailscanner | 1 Mailscanner | 2024-02-04 | 6.9 MEDIUM | N/A |
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file. | |||||
CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2024-02-04 | 6.9 MEDIUM | N/A |
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | |||||
CVE-2008-4951 | 1 Gplhost | 1 Dtc-common | 2024-02-04 | 6.9 MEDIUM | N/A |
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts. | |||||
CVE-2008-3699 | 1 Amarok | 1 Amarok | 2024-02-04 | 3.3 LOW | N/A |
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file. | |||||
CVE-2008-3946 | 1 Hp | 1 Openvms | 2024-02-04 | 4.9 MEDIUM | N/A |
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | |||||
CVE-2008-1694 | 1 Gnu | 2 Emacs, Sccs | 2024-02-04 | 4.6 MEDIUM | N/A |
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. |