6871 matches found
p5-DBI -- insecure temporary file creation vulnerability
Javier Fernández-Sanguino Peña reports: The DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library...
DSA-658-1 libdbi-perl - insecure temporary file
Bulletin has no description...
CVE-2004-1181
htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
DivX Player skin files directory traversal
During installation of DivX skin file it's possible ot overwrite any files in any location...
CVE-2005-0004
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files...
Moderate: Red Hat Security Advisory: krb5 security update
Updated Kerberos krb5 packages that correct buffer overflow and temporary file bugs are now available for Red Hat Enterprise Linux. Kerberos is a networked authentication system that uses a trusted third party a KDC to authenticate clients and servers to each other. A heap based buffer overflow b...
CVE-2004-1360
Unknown vulnerability in convfix in Sun Solaris 7 through 9, when invoked by convlpd, allows local users to overwrite arbitrary files...
CVE-2003-0014
CVE-2003-0014 details : The Debian bmv package (version 1.2 and earlier) is vulnerable to an insecure temporary-file creation flaw that allows a local attacker to overwrite arbitrary files via a symlink attack on temporary files. Debian’s DSA-633-1 describes the impact as local, with exploitation...
CVE-2004-1376
CVE-2004-1376 describes a directory traversal vulnerability in Microsoft Internet Explorer (versions 5.01, 5.5, and 6.0) where remote FTP servers can cause the client to overwrite arbitrary files by using .. sequences in filenames returned from an FTP LIST. The connected material confirms the fla...
CVE-2003-0014
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-1376
Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious FTP servers to overwrite arbitrary files via .. dot dot sequences in filenames returned from a LIST command...
CVE-2004-1377
The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-1377
The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2005-0069
The 1 tcltags or 2 vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files...
CVE-2004-1294
The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / slash characters...
CVE-2004-1110
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file...
CVE-2004-1110
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file...
CVE-2004-0770
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of 1 gzip or 2 bzip ROM files...
CVE-2004-1276
IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP...
CVE-2004-0770
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of 1 gzip or 2 bzip ROM files...