CVE-2008-5313

CVE-2008-5313 affects MailScanner: versions 4.68.8 and other builds before 4.74.16-1 are exploitable via a local symlink attack that can overwrite arbitrary files in several autoupdate and MailScanner script paths (e.g., /etc/MailScanner/autoupdate/, /etc/MailScanner/wrapper/, /usr/share/MailScan...

CVE-2008-5312

CVE-2008-5312 affects MailScanner 4.55.10 and earlier; before 4.74.16-1, local users could exploit a symlink vulnerability to overwrite arbitrary files via temporary files used by autoupdate scripts (f-prot-autoupdate, clamav-autoupdate, panda-autoupdate.new, trend-autoupdate.new, rav-autoupdate....

CVE-2008-5313

mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the 1 f-prot-autoupdate, 2 clamav-autoupdate, 3 avast-autoupdate, and 4 f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/;...

Visagesoft eXPert PDF Viewer ActiveX Control File Overwrite Vulnerability

eXPert PDF Viewer ActiveX is prone to an ActiveX Control based file overwrite vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FlexCell Grid Control ActiveX Arbitrary File Overwrite Vulnerability

This host is installed with FlexCell Grid Control ActiveX and is prone to arbitrary File Overwrite vulnerability. OpenVAS Vulnerability Test $Id: secpodflexcellactivexfileoverwrirevuln900406.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: FlexCell Grid Control ActiveX Arbitrary File Overwrite...

FlexCell Grid Control ActiveX Arbitrary File Overwrite Vulnerability

FlexCell Grid Control ActiveX is prone to an arbitrary file overwrite vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-5256

The CVE-2008-5256 entry concerns VirtualBox prior to 2.0.6. The vulnerability resides in AcquireDaemonLock (ipcdUnix.cpp) and enables local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file. CVSSv2 base score is 4.4 (Medium) with Local access, N...

Chilkat Socket ActiveX SaveLastError()任意文件覆盖漏洞

BUGTRAQ ID: 32333 Chilkat socket组件为TCP/IP套接字编程提供简单易用的API。 ChilkatSocket.ChilkatSocket.1 ActiveX控件（ChilkatSocket.dll）没有正确地验证对SaveLastError方式所提供的输入参数，如果远程攻击者受骗访问了恶意网页并向该方式传送了恶意输入的话，就可能导致以当前登录用户的权限覆盖和破坏系统上的任意文件。 Chilkat Software ChilkatSocket.DLL 2.3.1.1 临时解决方法： 为clsid...

CVE-2008-5147

test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file...

CVE-2008-5136

tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/tkusr.pgm temporary file...

CVE-2008-5153

spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/spell-check-debug.log, 2 /tmp/spell-check-before, or 3 /tmp/spell-check-after temporary file...

CVE-2008-5145

ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu. temporary file...

CVE-2008-5152

inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/inmail.log or 2 /tmp/inmail.stdin temporary file...

CVE-2008-5152

inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/inmail.log or 2 /tmp/inmail.stdin temporary file...

CVE-2008-5149

fwdcheck.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ temporary file...

CVE-2008-5138

passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd. temporary file...

CVE-2008-5135

os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/mounted-map or 2 /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...

CVE-2008-5141

flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar. temporary file...

CVE-2008-5147

test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file...

Design/Logic Flaw

sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ temporary file...