CVE-2011-2473

The dodumpdata function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opdpipe file, a different vulnerability than CVE-2011-1760...

CVE-2011-2472

Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. dot dot in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760...

CVE-2011-1920

The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/depend temporary file, related to 1 bsd.lib.mk and 2 bsd.prog.mk...

Ubuntu Update for kdenetwork USN-1114-1

Ubuntu Update for Linux kernel vulnerabilities USN-1114-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11141.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for kdenetwork USN-1114-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...

spice-xpi: symlink attack on usbrdrctl log file

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...

CVE-2011-0461

/etc/init.d/boot.localfs in the aaabase package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab...

CVE-2011-1072

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the 1 downloaddir, 2 cachedir, 3 tmpdir, and 4 pear-build-download directories, a different vulnerability than CVE-2007-2519...

CVE-2011-0702

The fehuniquefilename function in utils.c in feh before 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack on a /tmp/feh temporary file...

UBUNTU-CVE-2010-4337

The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/gnash-configure-errors.$$, 2 /tmp/gnash-configure-warnings.$$, or 3 /tmp/gnash-configure-recommended.$$ files...

CVE-2010-4337

Removed by vendor...

CVE-2011-0007

pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on 1 pimd.dump when a USR1 signal is sent, or 2 pimd.cache when USR2 is sent...

CVE-2010-4605

Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager TSM 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors...

Default configuration

The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a 1 symlink or 2 hard link attack on the libsdp.log. temporary file...

CVE-2009-5007

The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files...

CVE-2010-3691

PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file...

tomcat: unexpected file deletion and/or alteration

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. dot dot in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry...

CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

Directory traversal

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

DEBIAN-CVE-2010-2056

GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...