Search
Total
874 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2017-08-08 | 6.9 MEDIUM | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | |||||
| CVE-2008-5138 | 1 Bkleineidam | 1 Libpam Mount | 2017-08-08 | 6.9 MEDIUM | N/A |
| passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file. | |||||
| CVE-2008-4976 | 1 Alan Woodland | 2 Ogle, Ogle-mmx | 2017-08-08 | 6.9 MEDIUM | N/A |
| ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts. | |||||
| CVE-2008-5140 | 1 Debian | 1 Mailscanner | 2017-08-08 | 6.9 MEDIUM | N/A |
| trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file. | |||||
| CVE-2008-4978 | 1 Radiance | 1 Radiance | 2017-08-08 | 6.9 MEDIUM | N/A |
| radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts. | |||||
| CVE-2008-5007 | 1 Lazarus | 1 Lazarus | 2017-08-08 | 6.9 MEDIUM | N/A |
| create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | |||||
| CVE-2008-5147 | 1 Holloway | 1 Docvert | 2017-08-08 | 6.9 MEDIUM | N/A |
| test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file. | |||||
| CVE-2008-4935 | 1 Amiga | 1 Aview | 2017-08-08 | 6.9 MEDIUM | N/A |
| asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file. | |||||
| CVE-2008-4936 | 1 Gert Doering | 1 Mgetty | 2017-08-08 | 6.9 MEDIUM | N/A |
| faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file. | |||||
| CVE-2008-4937 | 1 Openoffice | 1 Openoffice.org | 2017-08-08 | 2.6 LOW | N/A |
| senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file. | |||||
| CVE-2008-4938 | 1 Aegis | 2 Aegis, Aegis-web | 2017-08-08 | 6.9 MEDIUM | N/A |
| aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts. | |||||
| CVE-2008-4939 | 1 Apertium | 1 Apertium | 2017-08-08 | 6.9 MEDIUM | N/A |
| apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | |||||
| CVE-2008-4940 | 1 Aptoncd | 1 Aptoncd | 2017-08-08 | 6.9 MEDIUM | N/A |
| xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file. | |||||
| CVE-2008-4941 | 1 Arb Project | 1 Arb-common | 2017-08-08 | 6.9 MEDIUM | N/A |
| arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts. | |||||
| CVE-2008-4942 | 1 Audiolink | 1 Audiolink | 2017-08-08 | 6.9 MEDIUM | N/A |
| audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files. | |||||
| CVE-2009-0347 | 1 Autonomy | 1 Ultraseek | 2017-08-08 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. | |||||
| CVE-2008-5152 | 1 Peter S Galbraith | 1 Mh-book | 2017-08-08 | 6.9 MEDIUM | N/A |
| inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/inmail#####.log or (2) /tmp/inmail#####.stdin temporary file. | |||||
| CVE-2009-0313 | 1 Kegel | 1 Winetricks | 2017-08-08 | 6.9 MEDIUM | N/A |
| winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file. | |||||
| CVE-2008-4944 | 1 Gleydson Mazioli Da Silva | 1 Cdcontrol | 2017-08-08 | 6.9 MEDIUM | N/A |
| writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files. | |||||
| CVE-2008-4945 | 1 Tivano | 1 Cdrw-taper | 2017-08-08 | 6.9 MEDIUM | N/A |
| amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory. | |||||
| CVE-2009-0032 | 2 Apple, Mandriva | 4 Cups, Corporate Server, Linux and 1 more | 2017-08-08 | 6.9 MEDIUM | N/A |
| CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. | |||||
| CVE-2008-5153 | 1 Moodle | 1 Moodle | 2017-08-08 | 6.9 MEDIUM | N/A |
| spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file. | |||||
| CVE-2008-4995 | 1 Jose M.vidal | 1 Bk2site | 2017-08-08 | 6.9 MEDIUM | N/A |
| redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default. | |||||
| CVE-2008-4949 | 1 Manoj Srivastava | 1 Dist | 2017-08-08 | 6.9 MEDIUM | N/A |
| dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts. | |||||
| CVE-2008-5154 | 1 Koeniglich | 1 P3nfs | 2017-08-08 | 6.9 MEDIUM | N/A |
| bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file. | |||||
| CVE-2008-4994 | 1 Ti Kan | 1 Xmcd | 2017-08-08 | 6.9 MEDIUM | N/A |
| The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | |||||
| CVE-2008-4951 | 1 Gplhost | 1 Dtc-common | 2017-08-08 | 6.9 MEDIUM | N/A |
| dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts. | |||||
| CVE-2008-4952 | 1 Emacs | 1 Emacs-jabber | 2017-08-08 | 6.9 MEDIUM | N/A |
| emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file. | |||||
| CVE-2008-5157 | 1 Uoregon | 1 Tau | 2017-08-08 | 6.9 MEDIUM | N/A |
| tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. | |||||
| CVE-2008-5141 | 1 Dann Frazier | 1 Flamethrower | 2017-08-08 | 6.9 MEDIUM | N/A |
| flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file. | |||||
| CVE-2008-5256 | 1 Virtualox | 1 Virtualox | 2017-08-08 | 4.4 MEDIUM | N/A |
| The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file. | |||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2017-08-08 | 6.9 MEDIUM | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | |||||
| CVE-2008-4958 | 1 Alejandro Garrido Mota | 1 Gdrae | 2017-08-08 | 6.9 MEDIUM | N/A |
| gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file. | |||||
| CVE-2008-4959 | 1 Gpsdrive | 1 Gpsdrive-scripts | 2017-08-08 | 6.9 MEDIUM | N/A |
| geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files. | |||||
| CVE-2008-5299 | 1 Karakas-online | 1 Chm2pdf | 2017-08-08 | 6.9 MEDIUM | N/A |
| chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories. | |||||
| CVE-2008-4964 | 1 Krzysztof Kozlowski | 1 Konwert | 2017-08-08 | 6.9 MEDIUM | N/A |
| filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file. | |||||
| CVE-2008-5825 | 1 Nokia | 1 6131 Nfc | 2017-08-08 | 2.6 LOW | N/A |
| The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone. | |||||
| CVE-2008-5746 | 1 Sun | 2 Snmp Management Agent, Solaris | 2017-08-08 | 6.9 MEDIUM | N/A |
| Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. | |||||
| CVE-2008-4965 | 1 Savonet | 1 Liguidsoap | 2017-08-08 | 6.9 MEDIUM | N/A |
| liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files. | |||||
| CVE-2008-5743 | 1 Pdfjam | 1 Pdfjam | 2017-08-08 | 6.9 MEDIUM | N/A |
| pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2008-4966 | 1 Openswan | 1 Linux-patch-openswan | 2017-08-08 | 6.9 MEDIUM | N/A |
| linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts. | |||||
| CVE-2008-4967 | 1 Linuxtrade | 1 Linuxtrade | 2017-08-08 | 6.9 MEDIUM | N/A |
| linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts. | |||||
| CVE-2008-4968 | 1 Bitmover | 1 Lmbench | 2017-08-08 | 6.9 MEDIUM | N/A |
| The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file. | |||||
| CVE-2008-4969 | 1 Alastair Mckinstry | 1 Ltp-network-test | 2017-08-08 | 6.9 MEDIUM | N/A |
| ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts. | |||||
| CVE-2008-3930 | 1 Debian | 1 Citadel Server | 2017-08-08 | 6.9 MEDIUM | N/A |
| migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-4192 | 1 Redhat | 1 Cman | 2017-08-08 | 6.9 MEDIUM | N/A |
| The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file. | |||||
| CVE-2008-4284 | 1 Ibm | 1 Websphere Application Server | 2017-08-08 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature. | |||||
| CVE-2008-4406 | 1 Debian | 1 Xsabre | 2017-08-08 | 7.2 HIGH | N/A |
| A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files. | |||||
| CVE-2008-3929 | 1 Ampache | 1 Ampache | 2017-08-08 | 7.2 HIGH | N/A |
| gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file. | |||||
| CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2017-08-08 | 6.9 MEDIUM | N/A |
| test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||