Code injection

The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

rubygem-ruby_parser: incorrect temporary file usage

The diffpp function in lib/gauntletrubyparser.rb in the rubyparser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

Pidgin < 2.10.7 Multiple Vulnerabilities

The version of Pidgin installed on the remote host is earlier than 2.10.7. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the 'MXit' plugin and the saving of images that could allow arbitrary files to be overwritten. CVE-2013-0271 - A...

DEBIAN-CVE-2013-0271

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted 1 mxit or 2 mxit/imagestrips pathname...

Code injection

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted 1 mxit or 2 mxit/imagestrips pathname...

CVE-2013-0271

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted 1 mxit or 2 mxit/imagestrips pathname...

CVE-2013-0271

CVE-2013-0271 affects the MXit protocol plugin in libpurple/Pidgin. The vulnerability exists in Pidgin before version 2.10.7 and allows remote attackers to create or overwrite files via crafted MXIT pathname handling (1) mxit or (2) mxit/imagestrips). OpenVAS and vendor advisories reference fixes...

CVE-2013-0271

The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted 1 mxit or 2 mxit/imagestrips pathname...

CVE-2012-5564

android-tools 4.1.1 in Android Debug Bridge ADB allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log...

CVE-2013-0265

The CVE concerns xNBD 0.1.0 (xnbd-server and xNBD wrapper); the redirect_stderr function in xnbd_common.c allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log. Affected components are the xnbd-server/xndb-wrapper with the cited version. Impact is defined as l...

CVE-2013-0265

Removed by vendor...

AIX 6.1 TL 6 : libodm (IV21379)

AIX could allow a arbitrary file overwrite symlink vulnerability due to libodm.a bug. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch has been replaced. Disabled on 2014/06/02. C Tenable Network Security, Inc. The text in the description was extracted fro...

GRAND Flash Album Gallery Plugin for WordPress 'f' Parameter Traversal Arbitrary Directory Enumeration

The Grand Flash Album Gallery Plugin for WordPress installed on the remote host is affected by a directory traversal vulnerability due to a failure to properly sanitize user-supplied input to the 'f' parameter of its 'facebook.php' script. This vulnerability allows an unauthenticated, remote...

Aloaha PDF Crypter 3.5.0.1164 File Overwrite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================ TITLE: ============================================================================================ Aloaha PDF Crypter 3.5.0.1164 activex arbitrary file...

Aloaha PDF Crypter (3.5.0.1164) ActiveX Arbitrary File Overwrite

Exploit for windows platform in category dos / poc ============================================================================================ TITLE: ============================================================================================ Aloaha PDF Crypter 3.5.0.1164 activex arbitrary file...

Aloaha PDF Crypter (3.5.0.1164) - ActiveX Arbitrary File Overwrite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================ TITLE: ============================================================================================ Aloaha PDF Crypter 3.5.0.1164 activex arbitrary file...

Aloaha PDF Crypter (3.5.0.1164) - ActiveX Arbitrary File Overwrite

Aloaha PDF Crypter 3.5.0.1164 - ActiveX Arbitrary File Overwrite -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================ TITLE:...

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Binary data scadasiemensalmalmaxcxactivex.nbin...

CVE-2012-6348

Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to 1 overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or 2 overwrite arbitrary files and consequently gain privileges via a symlink attack on the...

PYSEC-2013-7

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...