Vulnerabilities (CVE)

Filtered by CWE-59
Total 1156 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1684 1 Sun 1 Solaris 2024-11-21 4.7 MEDIUM N/A
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
CVE-2008-1569 2 Debian, Policyd-weight 2 Debian Linux, Policyd-weight 2024-11-21 3.3 LOW N/A
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.
CVE-2008-1417 1 Axyl 1 Axyl 2024-11-21 6.9 MEDIUM N/A
The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file.
CVE-2008-1241 1 Mozilla 2 Firefox, Seamonkey 2024-11-21 4.3 MEDIUM N/A
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
CVE-2008-1199 1 Dovecot 1 Dovecot 2024-11-21 4.4 MEDIUM N/A
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
CVE-2008-1103 1 Blender 1 Blender 2024-11-21 6.9 MEDIUM N/A
Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."
CVE-2008-1078 2 Gentoo, Rpath 2 Linux, Rpath Linux 2024-11-21 7.2 HIGH N/A
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
CVE-2008-0930 2 Debian, Freshmeat 2 Debian Linux, Xwine 2024-11-21 7.2 HIGH N/A
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
CVE-2008-0883 2 Adobe, Suse 4 Acrobat Reader, Open Suse, Suse Linux and 1 more 2024-11-21 3.7 LOW N/A
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
CVE-2008-0870 2 Bea Systems, Oracle 2 Weblogic Portal, Weblogic Portal 2024-11-21 7.5 HIGH N/A
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
CVE-2008-0806 1 Paul Pelzl 1 Wyrd 2024-11-21 3.6 LOW N/A
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
CVE-2008-0732 2 Apache, Suse 2 Geronimo, Suse Linux 2024-11-21 2.1 LOW N/A
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
CVE-2008-0666 1 Website Meta Language 1 Website Meta Language 2024-11-21 3.6 LOW N/A
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.
CVE-2008-0665 1 Website Meta Language 1 Website Meta Language 2024-11-21 3.6 LOW N/A
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
CVE-2008-0613 1 Xoops 1 Xoops 2024-11-21 5.0 MEDIUM N/A
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.
CVE-2008-0525 3 Lumension Security, Novell, Unix 3 Patchlink Update, Zenworks Patch Management Update Agent, Unix 2024-11-21 4.6 MEDIUM N/A
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other products, allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the logtrimmer script, and (2) execute arbitrary code via a symlink attack on the /tmp/plshutdown file used by the rebootTask script.
CVE-2008-0167 2 Debian, Gforge 2 Debian Linux, Gforge 2024-11-21 4.6 MEDIUM N/A
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
CVE-2008-0163 1 Linux 1 Linux Kernel 2024-11-21 4.4 MEDIUM N/A
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
CVE-2007-6692 1 Menalto 1 Gallery 2024-11-21 6.4 MEDIUM N/A
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.
CVE-2007-6595 1 Clam Anti-virus 1 Clamav 2024-11-21 2.1 LOW N/A
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.