25 matches found
PT-2019-13962 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.0-alpha Description: An issue allows a user to store an IFRAME element, containing a user/card.php CSRF request, in their Linked Files settings page. When visited by the admin, this could completely take over the admin...
CVE-2004-1349
CVE-2004-1349 affects gzip releases 1.3 and earlier on Solaris 8. The vulnerability occurs when gzip is invoked with the -f or -force flags, causing it to alter permissions of files that are hard linked to the target, enabling local users to view or modify those linked files. Connected sources co...
Sun Solaris gzip may change permissions of hard linked files
Overview Sun Solaris gzip contains a vulnerability that may change the permissions of hard linked files. The specific impact may allow hard linked files compressed by gzip to become readable and able to be modified by unprivileged users. Description Gzip is a utility used for compressing and...
PT-2004-2266 · Gnu +1 · Gzip +1
Name of the Vulnerable Software and Affected Versions: gzip version 1.3 and earlier in Solaris 8 Description: The issue allows local users to view or modify files that are hard linked to the target files when gzip is called with the -f or -force flags. Recommendations: For gzip version 1.3 and...
IBM AIX eNetwork Firewall 3.23.3 - Insecure Temporary File Creation
IBM AIX eNetwork Firewall 3.23.3 - Insecure Temporary File Creation soure: https://www.securityfocus.com/bid/287/info IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called...