CVE-2003-0578

ccidir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files...

CVE-2003-0679

Unknown vulnerability in the libcpr library for the Checkpoint/Restart cpr system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files...

CVE-1999-1263

Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file...

CVE-2003-0679

CVE-2003-0679 concerns a vulnerability in the libcpr library used by SGI’s Checkpoint/Restart (cpr) on IRIX 6.5.x. The issue, reported as a local vulnerability, permits users to truncate or overwrite certain files for which they lack permissions. The SGI Security Advisory 20030802-01-P explains t...

CVE-2003-0656

CVE-2003-0656 affects eroaster; a local user can overwrite arbitrary files by exploiting a symlink attack on the temporary lockfile used during operation. Public advisories (Debian DSA-366-1 and related entries) describe the issue as insecure temporary file creation. The vulnerability is fixed in...

Low: Red Hat Security Advisory: : Updated ddskk packages fix temporary file vulnerability

Updated ddskk packages which fix a temporary file security issue are now available. Daredevil SKK is a simple Kana to Kanji conversion program, an input method of Japanese for Emacs and XEmacs. ddskk does not take appropriate security precautions when creating temporary files. This bug could...

Low: Red Hat Security Advisory: ddskk security update

Updated ddskk packages which fix a temporary file security issue are now available. Daredevil SKK is a simple Kana to Kanji conversion program, an input method of Japanese for Emacs. ddskk does not take appropriate security precautions when creating temporary files. This bug could potentially be...

CVE-2003-0480

VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."...

[SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 366-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 5th, 2003 http://www.debian.org/security/faq -...

CVE-2003-0617

CVE-2003-0617 affects mindi ≤ 0.58, where insecure temporary file creation allows local users to overwrite arbitrary files. Debian DSA-362-1 fixes this by updating mindi to 0.58.r5-1woody1. Impact is local, with partial confidentiality, integrity, and availability implications as per CVSS. No exp...

CVE-2003-0617

mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files...

CVE-2003-0650

Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. dot dot sequences in filenames in a .APK Zip file...

CVE-2003-0650

The CVE concerns GSAPAK.EXE in GameSpy Arcade (likely affected versions before 1.3e). The issue is a directory traversal vulnerability that allows remote attackers to overwrite arbitrary files and potentially execute arbitrary code via .. sequences in filenames inside a .APK (Zip) file. CVSS v2 m...

IBM DB2 db2job - File Overwrite

source: https://www.securityfocus.com/bid/8344/info IBM's DB2 database ships with a utility called db2job, installed with permissions 4550 and owned by root.db2asgrp. It has been reported that db2job writes to a number of files with root privileges. The files written to are created with 0770...

IBM DB2 db2job - File Overwrite

IBM DB2 db2job - File Overwrite source: https://www.securityfocus.com/bid/8344/info IBM's DB2 database ships with a utility called db2job, installed with permissions 4550 and owned by root.db2asgrp. It has been reported that db2job writes to a number of files with root privileges. The files writt...

cdrtools privilege escalation

rscsi utility allows unprivileged user to overwrite any file...

DSA-362 mindi - insecure temporary file

Bulletin has no description...

CVE-2003-0606

CVE-2003-0606 affects the Debian package “sup” (1.8 and earlier). The issue is improper creation of temporary files, enabling a local attacker to overwrite arbitrary files with the user’s privileges. Documented in Debian DSA-353-1 and mirrored by Red Hat and OSV entries; remediation is to apply t...

CVE-2003-0603

Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions...

CVE-2003-0603

CVE-2003-0603 affects Bugzilla up to 2.16.2/2.17.x: local users could overwrite arbitrary files via a symlink attack on temporary files created in world- or group-writable directories. Root cause: insecure handling of temporary filenames leading to symlink exploits. Impact: local privilege or fil...