Total
1042 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-5007 | 1 Cisco | 1 Anyconnect Ssl Vpn | 2023-12-10 | 3.3 LOW | N/A |
The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files. | |||||
CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2023-12-10 | 1.9 LOW | N/A |
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | |||||
CVE-2010-3847 | 1 Gnu | 1 Glibc | 2023-12-10 | 6.9 MEDIUM | N/A |
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. | |||||
CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 3.3 LOW | N/A |
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | |||||
CVE-2010-3691 | 1 Apereo | 1 Phpcas | 2023-12-10 | 3.3 LOW | N/A |
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file. | |||||
CVE-2011-3870 | 2 Puppet, Puppetlabs | 2 Puppet, Puppet | 2023-12-10 | 6.3 MEDIUM | N/A |
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file. | |||||
CVE-2010-2056 | 1 Gnu | 1 Gv | 2023-12-10 | 3.3 LOW | N/A |
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2010-0792 | 1 Thibault Godouet | 1 Fcron | 2023-12-10 | 1.9 LOW | N/A |
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file. | |||||
CVE-2011-2473 | 1 Maynard Johnson | 1 Oprofile | 2023-12-10 | 6.3 MEDIUM | N/A |
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760. | |||||
CVE-2009-5044 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2023-12-10 | 3.3 LOW | N/A |
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | |||||
CVE-2011-2533 | 1 Freedesktop | 1 Dbus | 2023-12-10 | 3.3 LOW | N/A |
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/. | |||||
CVE-2010-2431 | 1 Apple | 1 Cups | 2023-12-10 | 2.6 LOW | N/A |
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file. | |||||
CVE-2009-4664 | 2 Fwbuilder, Linux | 2 Firewall Builder, Linux Kernel | 2023-12-10 | 3.3 LOW | N/A |
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script. | |||||
CVE-2009-5082 | 2 Gnu, Openwall | 2 Groff, Owl | 2023-12-10 | 3.3 LOW | N/A |
The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2010-0787 | 1 Samba | 1 Samba | 2023-12-10 | 4.4 MEDIUM | N/A |
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. | |||||
CVE-2011-1144 | 1 Php | 1 Pear | 2023-12-10 | 3.3 LOW | N/A |
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1072. | |||||
CVE-2010-4337 | 1 Gnu | 1 Gnash | 2023-12-10 | 3.3 LOW | N/A |
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. | |||||
CVE-2010-1626 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2023-12-10 | 3.6 LOW | N/A |
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | |||||
CVE-2011-1072 | 1 Php | 1 Pear | 2023-12-10 | 3.3 LOW | N/A |
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519. | |||||
CVE-2010-1693 | 1 Openfabrics | 1 Enterprise Distribution | 2023-12-10 | 6.3 MEDIUM | N/A |
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. |