CVE-2007-0467

crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/...

CVE-2006-3406

Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. dot dot sequence in the edit parameter...

CVE-2006-2608

artmedic newsletter 4.1 and possibly other versions, when registerglobals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an...

CVE-2006-1231

CAPI4HylaFAX 1.3, when compiled with GENERATEDEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecvdbgdatafile.sff temporary file...

CVE-2006-1231

CAPI4HylaFAX 1.3, when compiled with GENERATEDEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecvdbgdatafile.sff temporary file...

CVE-2005-2454

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions Everyone/Full Control for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder...

Pages Pro CD directory traversal

A security vulnerability in the SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Reference...

CVE-2005-2849

Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to 1 read portions of source code via the -f option to Dig digdevice.cgi, 2 determine file existence via the -r argument to Tcpdump tcpdumpdevice.cgi or 3 modify files in the...

CVE-2005-2144

Prevx Pro 2005 1.0 is affected by CVE-2005-2144, which enables local users to bypass file protections and modify files by using MapViewOfFile to memory-map the target file. The description from CVE records states the issue is a local elevation/ tampering risk within Prevx Pro 2005. There is no pu...

CVE-2005-1759

Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...

PT-2004-2266 · Gnu +1 · Gzip +1

Name of the Vulnerable Software and Affected Versions: gzip version 1.3 and earlier in Solaris 8 Description: The issue allows local users to view or modify files that are hard linked to the target files when gzip is called with the -f or -force flags. Recommendations: For gzip version 1.3 and...

Mozilla Linux installer does not properly set file permissions

Overview Mozilla's Linux installers may not properly set file permissions on the installed program files. A local user may then be able to modify or replace these files with malicious versions. Description Some versions of Mozilla's Linux installer may create installation and program files with...

CVE-2000-1190

The CVE-2000-1190 entry concerns the imwheel-solo component of the imwheel package. It describes a local-privilege issue where a symlink attack on the user’s .imwheelrc file allows a local user to modify arbitrary files. The description specifies the vulnerability type (symlink attack) and that e...

CVE-2001-1525

Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter...

CVE-1999-0761

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program...

CVE-2000-0249

The AIX Fast Response Cache Accelerator FRCA allows local users to modify arbitrary files via the configuration capability in the frcactrl program...

CVE-1999-0850

The default permissions for Endymion MailMan allow local users to read email or modify files...

PT-1997-1174 · Xterm · Xterm

Name of the Vulnerable Software and Affected Versions: xterm affected versions not specified Description: A race condition in xterm allows local users to modify arbitrary files via the logging option. Recommendations: At the moment, there is no information about a newer version that contains a fi...

CVE-1999-1267

KDE file manager kfm uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server...

CVE-1999-1221

dxchpwd in Digital Unix OSF/1 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file...