CVE-2008-5152

inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/inmail.log or 2 /tmp/inmail.stdin temporary file...

Exodus 0.10 - URI Handler Arbitrary Parameter Injection (1)

Exodus 0.10 - URI Handler Arbitrary Parameter Injection 1 -------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems...

CVE-2008-5089

CVE-2008-5089 describes multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) of Data Dynamics ActiveReports 2.5.0.1314 . The underlying issue allows remote attackers to overwrite arbitrary files by calling one of three methods: Pages.Save ...

Chilkat Crypt ActiveX Control 'ChilkatCrypt2.dll' File Overwrite Vulnerability

Chilkat Crypt is prone to an ActiveX Control based arbitrary file overwrite vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-5034

The CVE-2008-5034 issue affects printfilters-ppd 2.13 (master-filter). A symlink attack on the /tmp/filter.debug temporary file enables local users to overwrite arbitrary files. The vendor disputes the vulnerability, stating that the package does not have a possibility of attack via symlinks. Imp...

CVE-2008-5007

createlazarusexporttgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a 1 /tmp/lazarus.tgz temporary file or a 2 /tmp/lazarus temporary directory...

CVE-2008-5007

CVE-2008-5007 affects Lazarus 0.9.24. The vulnerability arises from a symlink attack on temporary paths used by create_lazarus_export_tgz.sh, specifically (1) /tmp/lazarus.tgz and (2) /tmp/lazarus, allowing local users to overwrite or delete arbitrary files. The root cause is improper handling of...

CVE-2008-4993

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file...

CVE-2008-4995

redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default...

CVE-2008-4994

The CVE-2008-4994 entry concerns the xmcd 2.6 package where the (1) ncsarmt and (2) ncsawrap scripts can be exploited by a local attacker to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid file. This vulnerability arises from insecure temporary file handling in xmcd component...

CVE-2008-4996

init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is used in a single-user context; there's no possibility that this is exploitable...

CVE-2008-4995

The CVE-2008-4995 entry concerns bk2site 1.1.9, where a symlink attack against the temporary file /tmp/redirect.log in redirect.pl permits local users to overwrite arbitrary files. The underlying issue is a symlink-based write risk present when the program operates in debug mode (which is disable...

DEBIAN-CVE-2008-4982

rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270...

CVE-2008-4982

rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270...

CVE-2008-4979

getipacctg in rancid 2.3.2a8 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/ipacct..prefixes, 2 /tmp/ipacct..sorted, 3 /tmp/ipacct..pl, and 4 /tmp/ipacct. temporary files...

CVE-2008-4986

wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/env, b /tmp/sed, and c /tmp/referer-home.log temporary files, related to the 1 coqweb and 2 account.sh scripts...

CVE-2008-4985

vdrleaktest in Video Disk Recorder aka vdr-dbg or vdr 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file...

CVE-2008-4988

pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal temporary file...

CVE-2008-4973

i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/i2my.1 and 2 /tmp/i2my.2 temporary files...

CVE-2008-4969

ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/vsftpd.conf, b /tmp/udp/2/, c /tmp/tcp/2/, d /tmp/udp/3/, e /tmp/tcp/3/, f /tmp/nfsfsstress.udp.2.log, g /tmp/nfsfsstress.udp.3.log, h /tmp/nfsfsstress.tcp.2.log, i /tmp/nfsfsstress.tcp.3.log,...