Total
1064 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0163 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.4 MEDIUM | N/A |
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc. | |||||
CVE-2007-4652 | 1 Php | 1 Php | 2024-02-04 | 4.4 MEDIUM | N/A |
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink. | |||||
CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2024-02-04 | 2.1 LOW | N/A |
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. | |||||
CVE-2007-5437 | 1 Broadcom | 1 Etrust Integrated Threat Management | 2024-02-04 | 5.8 MEDIUM | N/A |
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689. | |||||
CVE-2008-0613 | 1 Xoops | 1 Xoops | 2024-02-04 | 5.0 MEDIUM | N/A |
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter. | |||||
CVE-2007-5207 | 1 Debian | 1 Guilt | 2024-02-04 | 3.3 LOW | N/A |
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. | |||||
CVE-2005-1111 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Cpio | 2024-02-04 | 3.7 LOW | 4.7 MEDIUM |
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | |||||
CVE-2005-0004 | 3 Debian, Mariadb, Oracle | 3 Debian Linux, Mariadb, Mysql | 2024-02-04 | 4.6 MEDIUM | N/A |
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. | |||||
CVE-2005-0824 | 1 Mathopd | 1 Mathopd | 2024-02-04 | 3.6 LOW | 5.5 MEDIUM |
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal. | |||||
CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2024-02-04 | 1.9 LOW | N/A |
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | |||||
CVE-2006-1247 | 1 Ibm | 1 Aix | 2024-02-04 | 3.3 LOW | N/A |
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2005-1879 | 1 Lutel | 1 Lutelwall | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | |||||
CVE-2005-1880 | 1 Everybuddy | 1 Everybuddy | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | |||||
CVE-2005-1916 | 2 Debian, Ekg Project | 2 Debian Linux, Ekg | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||||
CVE-2005-3126 | 1 Antiword | 1 Antiword | 2024-02-04 | 1.9 LOW | N/A |
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. | |||||
CVE-2005-2527 | 1 Sun | 1 Java | 2024-02-04 | 1.2 LOW | N/A |
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. | |||||
CVE-2004-2473 | 1 Wmfrog | 1 Wmfrog | 2024-02-04 | 1.2 LOW | N/A |
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2005-2714 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. | |||||
CVE-2004-0967 | 1 Aladdin Enterprises | 1 Ghostscript | 2024-02-04 | 7.2 HIGH | N/A |
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | |||||
CVE-2005-3011 | 1 Gnu | 1 Texinfo | 2024-02-04 | 1.2 LOW | N/A |
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. |