CVE-2008-5375

cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...

DEBIAN-CVE-2008-5378

arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...

CVE-2008-5368

muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file...

CVE-2008-5378

arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...

CVE-2008-5378

arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...

CVE-2008-5379

Summary: CVE-2008-5379 affects netdisco-mibs-installer 1.0. A local attacker can exploit a symlink attack on the temporary file /tmp/netdisco-mibs-0.6.tar.gz to overwrite arbitrary files, related to the netdisco-mibs-install and netdisco-mibs-download scripts. The vulnerability is labeled as loca...

CVE-2008-5377

CVE-2008-5377 : A local privilege-escalation in CUPS 1.3.8 via the pstopdf filter. The vulnerability arises from a symlink attack on the temporary file /tmp/pstopdf.log, allowing local users to overwrite arbitrary files and potentially gain elevated privileges. Public references include exploit-d...

CVE-2008-5375

CVE-2008-5375 affects cmus 2.2.0: cmus-status-display does not securely handle the /tmp/cmus-status temporary file, allowing a local attacker to perform a symlink attack and overwrite arbitrary files with the privileges of the running user. The issue is local in scope and tied to insecure tempora...

CVE-2008-5374

CVE-2008-5374 affects Bash 3.2 where bash-doc allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to aliasconv.sh, aliasconv.bash, and cshtobash. The vulnerability arises from insecure temporary file handling in the Bash documentation/s...

CVE-2008-5372

The CVE-2008-5372 entry concerns sdm-login in sdm-terminal 0.4.0b, where a local user can exploit a symlink vulnerability to overwrite the temporary file /tmp/sdm.autologin.once. This is a local privilege issue that can impact confidentiality and integrity (as indicated by the CVE data) through a...

CVE-2008-5371

CVE-2008-5371 affects Screenie up to version 1.30.0. The vulnerability is due to insecure handling of temporary files in /tmp/.screenie. A local attacker could perform a symlink attack to overwrite arbitrary files with the privileges of the running user. A fix is available: upgrade to Screenie 1....

CVE-2008-5369

CVE-2008-5369 affects noip2 version 2.1.7, where a local user can overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file. The underlying issue is a symlink race that enables local privilege influence on file contents. The available documents explicitly state the vulnerabi...

CVE-2008-5368

CVE-2008-5368 affects muttprint 0.72d. The flaw is an insecure usage of the temporary file /tmp/muttprint.log, allowing local users to perform a symlink attack and overwrite arbitrary files with the caller’s privileges. Gentoo GLSA 200903-35 recommends upgrading to muttprint-0.72d-r1 to fix the i...

CVE-2008-5375

cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...

CVE-2008-5368

muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file...

CVE-2008-5371

screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie. temporary file...

Visagesoft eXPert PDF EditorX Insecure Method

VISAGESOFT eXPert PDF EditorX VSPDFEditorX.ocx INSECURE METHOD SITE: http://www.visagesoft.com This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage. Author: Marco Torti mail: marcotorti2atyahoodotcom...

Visagesoft eXPert PDF EditorX - 'VSPDFEditorX.ocx' Insecure Method

VISAGESOFT eXPert PDF EditorX VSPDFEditorX.ocx INSECURE METHOD SITE: http://www.visagesoft.com This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage. Author: Marco Torti mail: marcotorti2atyahoodotcom...

Design/Logic Flaw

mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the 1 f-prot-autoupdate, 2 clamav-autoupdate, 3 avast-autoupdate, and 4 f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/;...