Total
1064 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2024-02-04 | 6.9 MEDIUM | N/A |
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | |||||
CVE-2008-4946 | 1 Convirture | 1 Convirt | 2024-02-04 | 6.9 MEDIUM | N/A |
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/. | |||||
CVE-2008-5373 | 1 Bacula | 1 Bacula | 2024-02-04 | 6.9 MEDIUM | N/A |
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995. | |||||
CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2024-02-04 | 6.9 MEDIUM | N/A |
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
CVE-2008-4939 | 1 Apertium | 1 Apertium | 2024-02-04 | 6.9 MEDIUM | N/A |
apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | |||||
CVE-2008-4972 | 1 Steve Robbins | 1 Mgt | 2024-02-04 | 6.9 MEDIUM | N/A |
mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file. | |||||
CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2024-02-04 | 6.9 MEDIUM | N/A |
sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
CVE-2008-4971 | 1 Align.bmr.kyushu-u.ac | 1 Mafft | 2024-02-04 | 6.9 MEDIUM | N/A |
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files. | |||||
CVE-2008-0665 | 1 Website Meta Language | 1 Website Meta Language | 2024-02-04 | 3.6 LOW | N/A |
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. | |||||
CVE-2007-6595 | 1 Clam Anti-virus | 1 Clamav | 2024-02-04 | 2.1 LOW | N/A |
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled. | |||||
CVE-2007-4224 | 1 Kde | 1 Konqueror | 2024-02-04 | 4.3 MEDIUM | N/A |
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | |||||
CVE-2007-6061 | 1 Audacityteam | 1 Audacity | 2024-02-04 | 5.0 MEDIUM | N/A |
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack. | |||||
CVE-2008-0883 | 2 Adobe, Suse | 4 Acrobat Reader, Open Suse, Suse Linux and 1 more | 2024-02-04 | 3.7 LOW | N/A |
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | |||||
CVE-2007-5200 | 1 Opensuse | 1 Opensuse | 2024-02-04 | 3.3 LOW | N/A |
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | |||||
CVE-2007-1027 | 1 Ibm | 1 Db2 | 2024-02-04 | 4.4 MEDIUM | N/A |
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file. | |||||
CVE-2007-3921 | 1 Gforge | 1 Gforge | 2024-02-04 | 3.3 LOW | N/A |
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files. | |||||
CVE-2007-4998 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 6.9 MEDIUM | N/A |
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | |||||
CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2024-02-04 | 7.2 HIGH | N/A |
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-3103 | 2 Fedoraproject, Redhat | 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-02-04 | 6.2 MEDIUM | N/A |
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | |||||
CVE-2007-6208 | 1 Claws Mail | 1 Claws Mail Tools | 2024-02-04 | 3.6 LOW | N/A |
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file. |