xen: insecure temporary file use in qemu-dm.debug

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file...

Gentoo Security Advisory GLSA 200812-12 (honeyd)

The remote host is missing updates announced in advisory GLSA 200812-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-200812-13 : OpenOffice.org: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200812-13 OpenOffice.org: Multiple vulnerabilities Two heap-based buffer overflows when processing WMF files CVE-2008-2237 and EMF files CVE-2008-2238 were discovered. Dmitry E. Oboukhov also reported an insecure temporary file...

GLSA-200812-12 : Honeyd: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200812-12 Honeyd: Insecure temporary file creation Dmitry E. Oboukhov reported an insecure temporary file usage within the 'test.sh' script. Impact : A local attacker could perform symlink attacks and overwrite arbitrary files wit...

chm2pdf Insecure Temporary File Creation or DoS Vulnerability

This host is installed with chm2pdf and is prone to Insecure Temporary File Creation or Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbchm2pdfinsectmpfilecrtnvuln.nasl 4218 2016-10-05 14:20:48Z teissa $ chm2pdf Insecure Temporary File Creation or DoS Vulnerability Authors:...

OpenOffice.org: Multiple vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description Two heap-based buffer overflows when processing WMF files CVE-2008-2237 and EMF files...

chm2pdf Insecure Temporary File Creation or DoS Vulnerability

chm2pdf is prone to an insecure temporary file creation or denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fedora 8 : geda-gnetlist-20080929-2.fc8 (2008-9694)

CVE-2008-5148 geda-gnetlist insecure temporary file use Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

OpenOffice senddoc Insecure Temporary File Creation Vulnerability - Windows

OpenOffice is prone to an insecure temporary file creation vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenOffice.org <= 2.4.1 senddoc Insecure Temporary File Creation Vulnerability - Linux

OpenOffice.org is prone to an insecure temporary file creation vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Gentoo Security Advisory GLSA 200511-16 (GNUMP3d)

The remote host is missing updates announced in advisory GLSA 200511-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: mc

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

skk Arbitrary Code Execution Vulnerability

Overview skk Simple Kana to Kanji conversion software would create an insecure temporary file without taking proper security precautions. Impact An local attacker could overwrite arbitrary files. Solution Please refer to the 'Vendor Information' section for official remediation and take appropria...

GNU Emacs创建不安全临时文件漏洞

BUGTRAQ ID: 28857 CVECAN ID: CVE-2008-1694 Emacs是一个可扩展的实时显示编辑器。 Emacs的vcdiff工具（lib-src/vcdiff）以不安全的方式使用临时文件，这允许本地攻击者通过符号链接攻击以运行vcdiff用户的权限写入任意文件。 GNU Emacs 20.7 - 22.1.50 GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lib-src/vcdiff?view=log...

GLSA-200804-09 : am-utils: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200804-09 am-utils: Insecure temporary file creation Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists. Impact : A local attacker could exploit the...

GLSA-200803-23 : Website META Language: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-200803-23 Website META Language: Insecure temporary file usage Temporary files are handled insecurely in the files wmlbackend/p1ipp/ipp.src, wmlcontrib/wmg.cgi, and wmlbackend/p3eperl/eperlsys.c, allowing users to overwrite or...

Fedora 8 : wyrd-1.4.3b-1.fc8 (2008-1986)

Bug 433719 - CVE-2008-0806 Wyrd uses insecure temporary file Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Debian Security Advisory DSA 761-2 (heartbeat)

The remote host is missing an update to heartbeat announced via advisory DSA 761-2. The security update DSA 761-1 for pdns contained a bug which caused a regression. This problem is corrected with this advisory. For completeness below please find the original advisory text: Eric Romang discovered...

Debian Security Advisory DSA 588-1 (gzip)

The remote host is missing an update to gzip announced via advisory DSA 588-1. OpenVAS Vulnerability Test $Id: deb5881.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 588-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 497-1 (mc)

The remote host is missing an update to mc announced via advisory DSA 497-1. OpenVAS Vulnerability Test $Id: deb4971.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 497-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...