CVE-2014-3982

CVE-2014-3982 affects Lynis on AIX prior to 1.5.5, where include/tests_webservers can be abused via a symlink attack to overwrite the file /tmp/lynis.*, enabling local privilege impact (I) with partial integrity and availability impacts; confidentiality remains unaffected. The issue is mitigated ...

CVE-2014-3981

CVE-2014-3981 affects PHP 5.5.13 and earlier. The vulnerability arises from the acinclude.m4 usage in the configure script, enabling a local user to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. Impact is local privilege-related, enabling file tampering. The provi...

PT-2014-1416 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 5.5.13 and earlier Description: The issue allows a local user to overwrite arbitrary files by exploiting a symlink attack on the /tmp/phpglibccheck file. This is due to a vulnerability in acinclude.m4, which is used in the...

Adobe Reader Temporary Files Arbitrary File Overwrite Vulnerability - Linux

Adobe Reader is prone to symlink attack vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

AIX 7.1 TL 3 : bos.rte.odm (U860798)

The remote host is missing AIX PTF U860798, which is related to the security of the package bos.rte.odm. AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

AIX 6.1 TL 9 : bos.rte.odm (U861946)

The remote host is missing AIX PTF U861946, which is related to the security of the package bos.rte.odm. AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

AIX 7.1 TL 3 : libodm (IV60303)

AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory libodmadvisory.asc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

AIX 7.1 TL 2 : libodm (IV60314)

AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory libodmadvisory.asc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

AIX 7.1 TL 1 : libodm (IV60312)

AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory libodmadvisory.asc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVE-2014-3421

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file...

CVE-2014-3424

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp. temporary file...

CVE-2014-3421

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file...

CVE-2014-3424

CVE-2014-3424 affects GNU Emacs 24.3 and earlier. The vulnerability is in lisp/net/tramp-sh.el, where a symlink attack on a /tmp/tramp-XXXXX temporary file allows a local user to overwrite arbitrary files. CVSSv2 from NVD shows base score 3.3 (AV:L, AC:M, I:P, A:P; no confidentiality impact). Con...

CVE-2014-3422

CVE-2014-3422 affects GNU Emacs 24.3 and earlier. The vulnerability allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. Public documents (OpenVAS/Nessus/EulerOS advisories) confirm the existence and nature of the issue but do not specify a ve...

CVE-2014-3423

CVE-2014-3423 affects GNU Emacs 24.3 and earlier, where lisp/net/browse-url.el allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic temporary file. The connected sources confirm this local-privilege issue and describe the exact path and file involved, but do not p...

CVE-2014-3421

CVE-2014-3421 affects GNU Emacs 24.3 and earlier. The vulnerability is in lisp/gnus/gnus-fun.el, enabling local users to overwrite arbitrary files via a symlink attack on /tmp/gnus.face.ppm. Connected sources (EMACS advisories) confirm the affected versions and the symlink-based overwrite vector;...

CVE-2014-3421

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file...

CVE-2014-3422

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/...

CVE-2014-3421

Removed by vendor...

CVE-2013-0350

CVE-2013-0350 affects pktstat 1.8.5 via a local-symlink vulnerability in /tmp/smtp.log that lets a local user overwrite arbitrary files. The connected documents confirm the affected component and the root cause (symlink attack) and the impact (arbitrary file overwrite). No concrete remediation or...