6871 matches found
CVE-2006-1457
Safari on Apple Mac OS X 10.4.6, when "Open 'safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink...
CVE-2006-1440
BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links...
CVE-2006-1457
Safari on Mac OS X 10.4.6 is affected. When "Open 'safe' files after downloading" is enabled, archives are expanded automatically, which could allow a remote attacker to overwrite arbitrary files via an archive containing a symlink. Impact is the ability to write arbitrary files on the vulnerable...
CVE-2006-1440
The CVE-2006-1440 entry affects Apple Mac OS X, specifically versions 10.3.9 and 10.4.6. The vulnerability arises from a BOM-related issue where an archive containing symbolic links can lead attackers to overwrite arbitrary files. The connected documents corroborate the same description, reinforc...
winiso 5.3 - Directory Traversal
source: https://www.securityfocus.com/bid/17721/info Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. A successful attack can allow the attacker to place potentially malicious files and to...
Privilege escalation in IBM AIX rm_mlcache_file with file overwrite
Race conditions on temporary file creation...
CVE-2006-1247
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
DEBIAN-CVE-2006-1753
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
CVE-2006-1753
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
CVE-2006-1753
The CVE-2006-1753 entry concerns the fcheck package, where a cronjob creates a temporary file insecurely, enabling local users to overwrite arbitrary files via a symlink attack. Affected component: fcheck (cronjob). Root cause: insecure handling of a temporary file. Impact: local privilege impact...
[SA19656] IBM AIX rm_mlcache_file Arbitrary File Overwrite
TITLE: IBM AIX rm_mlcache_file Arbitrary File Overwrite SECUNIA ADVISORY ID: SA19656 VERIFY ADVISORY: http://secunia.com/advisories/19656/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: A vulnerability...
CVE-2006-1695
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...
CVE-2006-1621
CVE-2006-1621 describes a directory traversal vulnerability in Hosting Controller 2002 RC 1, affecting the admin/folders/saveuploadfiles.asp handler. The flaw allows remote authenticated users to overwrite arbitrary files by supplying an absolute path in the OpenPath parameter, enabling potential...
Design/Logic Flaw
snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file...
CVE-2006-0050
snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file...
Code injection
X.Org server xorg-server 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line optio...
CVE-2006-0745
X.Org server xorg-server 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line optio...
DEBIAN-CVE-2006-0745
X.Org server xorg-server 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line optio...