Total
1037 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5743 | 1 Pdfjam | 1 Pdfjam | 2023-12-10 | 6.9 MEDIUM | N/A |
pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2008-4475 | 1 Gnu | 1 Ibackup | 2023-12-10 | 7.2 HIGH | N/A |
ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2008-5370 | 1 Pvpgn | 1 Pvpgn | 2023-12-10 | 6.9 MEDIUM | N/A |
pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | |||||
CVE-2008-4969 | 1 Alastair Mckinstry | 1 Ltp-network-test | 2023-12-10 | 6.9 MEDIUM | N/A |
ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts. | |||||
CVE-2008-6552 | 2 Fedoraproject, Redhat | 5 Fedora, Cluster Project, Cman and 2 more | 2023-12-10 | 6.9 MEDIUM | N/A |
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | |||||
CVE-2008-5153 | 1 Moodle | 1 Moodle | 2023-12-10 | 6.9 MEDIUM | N/A |
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file. | |||||
CVE-2008-4580 | 1 Gentoo | 2 Cman, Fence | 2023-12-10 | 7.2 HIGH | N/A |
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file. | |||||
CVE-2008-4939 | 1 Apertium | 1 Apertium | 2023-12-10 | 6.9 MEDIUM | N/A |
apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | |||||
CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2023-12-10 | 6.9 MEDIUM | N/A |
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | |||||
CVE-2008-4162 | 1 Nooms | 1 Nooms | 2023-12-10 | 4.3 MEDIUM | N/A |
Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||||
CVE-2008-4406 | 1 Debian | 1 Xsabre | 2023-12-10 | 7.2 HIGH | N/A |
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files. | |||||
CVE-2008-5368 | 1 Lukas Ruf | 1 Muttprint | 2023-12-10 | 6.9 MEDIUM | N/A |
muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | |||||
CVE-2008-4938 | 1 Aegis | 2 Aegis, Aegis-web | 2023-12-10 | 6.9 MEDIUM | N/A |
aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts. | |||||
CVE-2008-4941 | 1 Arb Project | 1 Arb-common | 2023-12-10 | 6.9 MEDIUM | N/A |
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts. | |||||
CVE-2008-5299 | 1 Karakas-online | 1 Chm2pdf | 2023-12-10 | 6.9 MEDIUM | N/A |
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories. | |||||
CVE-2008-4990 | 1 Enomaly | 1 Elastic Computing Platform | 2023-12-10 | 6.9 MEDIUM | N/A |
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file. | |||||
CVE-2008-3521 | 1 Jasper Project | 1 Jasper | 2023-12-10 | 7.2 HIGH | N/A |
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion. | |||||
CVE-1999-1593 | 1 Microsoft | 3 Windows 2000, Windows 95, Windows 98 | 2023-12-10 | 7.6 HIGH | N/A |
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. | |||||
CVE-2008-4971 | 1 Align.bmr.kyushu-u.ac | 1 Mafft | 2023-12-10 | 6.9 MEDIUM | N/A |
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files. | |||||
CVE-2008-4981 | 1 Remi Vanicat | 1 Realtimebattle | 2023-12-10 | 6.9 MEDIUM | N/A |
perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file. |