SUSE CVE-2008-4935

asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file...

Gentoo Security Advisory GLSA 200812-14 (aview)

The remote host is missing updates announced in advisory GLSA 200812-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200812-14 (aview)

The remote host is missing updates announced in advisory GLSA 200812-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ GLSA 200812-14 ] aview: Insecure temporary file usage

Gentoo Linux Security Advisory GLSA 200812-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

aview symbolic links vulnerability

Insecure temporary file creation...

GLSA-200812-14 : aview: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-200812-14 aview: Insecure temporary file usage Dmitry E. Oboukhov reported that aview uses the '/tmp/aview$$.pgm' file in an insecure manner when processing files. Impact : A local attacker could perform symlink attacks to overwri...

aview: Insecure temporary file usage

Background aview is an ASCII image viewer and animation player. Description Dmitry E. Oboukhov reported that aview uses the "/tmp/aview$$.pgm" file in an insecure manner when processing files. Impact A local attacker could perform symlink attacks to overwrite arbitrary files on the system with th...

DEBIAN-CVE-2008-4935

asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file...

Arbitrary file deletion

asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file...

CVE-2008-4935

asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file...

CVE-2008-4935

CVE-2008-4935 affects the aview image viewer (version 1.3.0) and is caused by insecure temporary file handling: it uses a path like /tmp/aview$$$.pgm, enabling a local attacker to perform a symlink attack and overwrite arbitrary files with the privileges of the running user. Impact is described a...

PT-2008-6109 · Aview +1 · Aview +1

Name of the Vulnerable Software and Affected Versions: aview version 1.3.0 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview.pgm temporary file created by asciiview in aview. Recommendations: For aview version 1.3.0, consider restricting...