Lucene search

[email protected]CVE-2008-1832

HistoryApr 16, 2008 - 3:05 p.m.

CVE-2008-1832

2008-04-1615:05:00

CWE-59

[email protected]

web.nvd.nist.gov

cecilia 2.0.5

lib/prefs.tcl

arbitrary file overwrite

symlink attack

nvd

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.

Affected configurations

NVD

Node

ceciliaceciliaMatch2.0.5

CPENameOperatorVersion
cecilia:ceciliaceciliaeq2.0.5

CPE	Name	Operator	Version
cecilia:cecilia	cecilia	eq	2.0.5

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321

secunia.com/advisories/29832

www.securityfocus.com/bid/28805

exchange.xforce.ibmcloud.com/vulnerabilities/41837

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-1832

nvd1 debiancve1 ubuntucve1 cvelist1 prion1