CVE-2008-5706

The CVE-2008-5706 entry concerns Verlihub (

CVE-2008-5704

CVE-2008-5704 affects gpsdrive (gpsdrive-scripts) 2.10~pre4. The vulnerability allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file (a vector distinct from CVE-2008-4959/5380). Reports in Red Hat and SUSE entries confirm the issue...

CVE-2008-5704

src/unittest.c in gpsdrive aka gpsdrive-scripts 2.10pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380...

CVE-2008-5404

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable...

CVE-2008-5404

The CVE-2008-5404 issue concerns the FlexCell Grid ActiveX Control (FlexCell.ocx 5.7.0.1). The vulnerability arises in the HttpDownloadFile method, enabling a remote attacker to create and overwrite arbitrary files. This could enable code execution by placing executables in Startup folders or via...

CVE-2008-5394

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...

DEBIAN-CVE-2008-5394

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...

CVE-2008-5372

sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file...

Design/Logic Flaw

muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file...

CVE-2008-5375

cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...

CVE-2008-5380

gpsdrive aka gpsdrive-scripts 2.09 allows local users to overwrite arbitrary files via a symlink attack on an a /tmp/geo, a b /tmp/geocaching.loc, a c /tmp/geo., or a d /tmp/geo. temporary file, related to the 1 geo-code and 2 geo-nearest scripts, different vectors than CVE-2008-4959...

CVE-2008-5371

screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie. temporary file...

CVE-2008-5376

editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.tag.tmp temporary file...

CVE-2008-5380

gpsdrive aka gpsdrive-scripts 2.09 allows local users to overwrite arbitrary files via a symlink attack on an a /tmp/geo, a b /tmp/geocaching.loc, a c /tmp/geo., or a d /tmp/geo. temporary file, related to the 1 geo-code and 2 geo-nearest scripts, different vectors than CVE-2008-4959...

CVE-2008-5372

sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file...

Design/Logic Flaw

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file...

CVE-2008-5370

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file...

Design/Logic Flaw

cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...

CVE-2008-5370

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file...

CVE-2008-5377

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333...