CVE-2014-1638

1 debian/postrm and 2 debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...

Directory traversal

Directory traversal vulnerability in the Gapless Player SimZip aka Simple Zip Viewer application before 1.2.1 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename...

SimZip (Simple Zip Viewer) vulnerable to directory traversal

Overview SimZip Simple Zip Viewer provided by Gapless Player contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the develope...

Ubuntu: Security Advisory (USN-2077-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2013-6402

base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...

CVE-2013-6402

base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...

CVE-2013-6402

base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...

CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments...

CVE-2012-0787

The clonefile function in transfer.c in Augeas before 1.0.0, when copyifrenamefails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the 1 .augsave or 2 destination file when using th...

Information disclosure

The clonefile function in transfer.c in Augeas before 1.0.0, when copyifrenamefails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the 1 .augsave or 2 destination file when using th...

Design/Logic Flaw

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

CVE-2012-6607

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786...

CVE-2012-0786

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

augeas: susceptible to symlink attack

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

Ubuntu: Security Advisory (USN-1981-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[USN-1979-1] txt2man

========================================================================== Ubuntu Security Notice USN-1979-1 September 30, 2013 txt2man vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

[USN-1981-1] HPLIP vulnerabilities

========================================================================== Ubuntu Security Notice USN-1981-1 September 30, 2013 hplip vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

USN-1981-1: HPLIP vulnerabilities

It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. CVE-2011-2722 Tim Waugh discovered that HPLIP incorrectly handled temporary...

MoinMoin: Multiple vulnerabilities

Background MoinMoin is a Python WikiEngine. Description Multiple vulnerabilities have been discovered in MoinMoin. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code with the privileges of the process, overwrite arbitrary...

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...