CVE-2005-3011

The sortoffline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-2663

CVE-2005-2663 affects masqmail: opening the log file allows a local attacker to overwrite arbitrary files via a symlink attack, due to masqmail not relinquishing privileges. Affected versions are pre-0.2.18. Debian/DSA references indicate fixes in masqmail 0.2.20-1sarge1 and related updates for w...

CVE-2005-2663

Removed by vendor...

CVE-2005-2991

ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using 1 zdiff or 2 zcmp, a different vulnerability than CVE-2004-0970...

CVE-2005-2944

The performfilesave function in GNOME Workstation Command Center gwcc 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwccout.txt temporary file...

CVE-2005-2944

The performfilesave function in GNOME Workstation Command Center gwcc 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwccout.txt temporary file...

CVE-2005-2918

gtkdiskfree (versions 1.9.3 and earlier) is affected by CAN-2005-2918/CVE-2005-2918 due to insecure creation of a temporary file, enabling local attackers to overwrite arbitrary files via a symlink attack. Impact is local access with the user’s privileges; no remote code execution is indicated in...

CVE-2005-2864

URBAN 1.5.31 allows local users to overwrite arbitrary files via a symlink attack on the 1 high score or 2 save game files...

CVE-2005-2864

CVE-2005-2864 describes a local vulnerability in URBAN 1.5.3_1 where local users can overwrite arbitrary files through a symlink attack targeting the (1) high score or (2) save game files. The core root cause is a symlink-related file overwrite path that an unprivileged user can exploit, with a r...

CVE-2005-2809

silc daemon silcd.c in Secure Internet Live Conferencing SILC 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.PID.stats temporary file...

CVE-2005-1915

The vulnerability CVE-2005-1915 affects log4sh up to version 1.2.5, where the log4sh_readProperties function is exploitable. The root cause is a symlink attack on predictable log4sh.$$ filenames, enabling local attackers to overwrite arbitrary files. The CVSS-derived impact is low base score with...

iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability

Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability iDEFENSE Security Advisory 08.29.05 www.idefense.com/application/poi/display?id=297&type=vulnerabilities August 29, 2005 I. BACKGROUND Adobe Version Cue is a software version tracking system for Adobe products distributed with Adob...

CVE-2005-1856

The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack...

CVE-2005-2670

Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in 1 ACE, 2 ARJ, 3 CAB, 4 LZH, 5 RAR, 6 TAR and 7 ZIP files...

DEBIAN-CVE-2005-2672

pwmconfig in LMsensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file...

CVE-2004-2462

cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplaycontrol temporary file...

CVE-2004-2473

Technical details for CVE-2004-2473 are not publicly available in the provided documents; the entries summarize a local symlink-related overwrite vulnerability without product/version specifics beyond wmFrog 0.1.6 prior to 0.2.0.

CVE-2004-2462

CVE-2004-2462 affects cplay 1.49 on Linux. The vulnerability is a local symlink attack against the cplay_control temporary file, allowing local users to overwrite arbitrary files. No exploitation details or fixes are provided in the connected documents; remediation information is not available he...

CVE-2005-2559

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via 1 shell metacharacters in the epingcount parameter or 2 restricted shell metacharacters such as "" and "&" in the epinghost parameter, which is not handled by the...

GLSA-200508-05 : Heartbeat: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200508-05 Heartbeat: Insecure temporary file creation Eric Romang has discovered that Heartbeat insecurely creates temporary files with predictable filenames. Impact : A local attacker could create symbolic links in the temporary...