Lucene search

MitreCVE-2008-3927

HistorySep 04, 2008 - 6:41 p.m.

CVE-2008-3927

2008-09-0418:41:00

CWE-59

mitre

web.nvd.nist.gov

cve-2008-3927

tiger 3.2.2

symlink attack

file overwrite

file delete

local users

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files.

Affected configurations

Nvd

Node

tigertigerMatch3.2.2

VendorProductVersionCPE
tigertiger3.2.2cpe:2.3:a:tiger:tiger:3.2.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tiger	tiger	3.2.2	cpe:2.3:a:tiger:tiger:3.2.2:::::::*

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=496415

dev.gentoo.org/~rbu/security/debiantemp/tiger

secunia.com/advisories/31659

uvw.ru/report.lenny.txt

www.openwall.com/lists/oss-security/2008/10/30/2

www.securityfocus.com/bid/30876

bugs.gentoo.org/show_bug.cgi?id=235770

exchange.xforce.ibmcloud.com/vulnerabilities/44732

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-3927