CVE-2008-3931

javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2008-3929

gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file...

Code injection

genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files...

Authorization

javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2008-3927

genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files...

CVE-2008-3927

genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files...

FreeBSD Ports: xorg-server

The remote host is missing an update to the system as announced in the referenced advisory. VID 61534682-b8f4-11da-8e62-000e0c33c2dc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Design/Logic Flaw

src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment LXDE allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file...

CVE-2008-3791

src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment LXDE allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file...

CVE-2008-3883

configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken.pike temporary file...

Ultra Office ActiveX Control Multiple Vulnerabilities

Ultra Office Control is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Postfix local privilege escalation

Overview The Postfix MTA contains a local privilege escalation vulnerability. Description Postfix is an mail transport agent MTA that is used by several Unix-like operating systems. Symbolic links and hard links are types of files that reference other files. Unlike hard links, symbolic links can...

Design/Logic Flaw

The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the albuminfo.xml temporary file...

CVE-2008-3216

The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2008-2958

Race condition in 1 checkinstall 1.6.1 and 2 installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories...

DEBIAN-CVE-2008-2958

Race condition in 1 checkinstall 1.6.1 and 2 installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories...

CVE-2008-2821

Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ dot dot backslash in a response to a LIST command, a related issue to CVE-2002-1345...

Arbitrary file deletion

sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file...

Design/Logic Flaw

uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression...

DEBIAN-CVE-2008-2266

uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression...