Vulnerabilities (CVE)

Filtered by CWE-59
Total 1156 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3930 1 Debian 1 Citadel Server 2024-11-21 6.9 MEDIUM N/A
migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2008-3929 1 Ampache 1 Ampache 2024-11-21 7.2 HIGH N/A
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.
CVE-2008-3928 1 Debian 1 Honeyd Common 2024-11-21 6.9 MEDIUM N/A
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2008-3927 1 Tiger 1 Tiger 2024-11-21 7.2 HIGH N/A
genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files.
CVE-2008-3883 1 Caudium 1 Caudium 2024-11-21 7.2 HIGH N/A
configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file.
CVE-2008-3791 1 Lxde 1 Lightweight X11 Desktop Environment 2024-11-21 4.6 MEDIUM N/A
src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.
CVE-2008-3699 1 Amarok 1 Amarok 2024-11-21 3.3 LOW N/A
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
CVE-2008-3524 1 Redhat 2 Fedora, Initscripts 2024-11-21 4.7 MEDIUM N/A
rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.
CVE-2008-3521 1 Jasper Project 1 Jasper 2024-11-21 7.2 HIGH N/A
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
CVE-2008-3456 1 Phpmyadmin 1 Phpmyadmin 2024-11-21 6.4 MEDIUM N/A
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
CVE-2008-3329 1 Twibright 1 Links 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
CVE-2008-3261 1 Claroline 1 Claroline 2024-11-21 4.3 MEDIUM N/A
Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
CVE-2008-3227 1 Joomla 1 Joomla 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVE-2008-3216 1 Debian 1 Projectl 2024-11-21 4.6 MEDIUM N/A
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2008-2389 1 Opensuse 1 Opensuse 2024-11-21 4.9 MEDIUM N/A
opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack.
CVE-2008-2311 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 7.6 HIGH N/A
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.
CVE-2008-2266 2 Nzbget, Uudeview 2 Nzbget, Uudeview 2024-11-21 4.4 MEDIUM N/A
uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
CVE-2008-1901 1 Debian 1 Aptlinex 2024-11-21 7.2 HIGH N/A
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
CVE-2008-1832 1 Cecilia 1 Cecilia 2024-11-21 3.3 LOW N/A
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
CVE-2008-1694 1 Gnu 2 Emacs, Sccs 2024-11-21 4.6 MEDIUM N/A
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.