14 matches found
SUSE CVE-2008-3699
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the albuminfo.xml temporary file...
Slackware Advisory SSA:2008-241-01 amarok
The remote host is missing an update as announced via advisory SSA:2008-241-01. OpenVAS Vulnerability Test $Id: esoftslkssa200824101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Mandriva Linux Security Advisory : amarok (MDVSA-2008:172)
A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary files via a symlink attack on a temporary file that Amarok created with a predictable name CVE-2008-3699. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security,...
Mandriva Update for amarok MDVSA-2008:172 (amarok)
Check for the Version of amarok OpenVAS Vulnerability Test Mandriva Update for amarok MDVSA-2008:172 amarok Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Ubuntu Update for amarok vulnerability USN-657-1
Ubuntu Update for Linux kernel vulnerabilities USN-657-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6571.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for amarok vulnerability USN-657-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Fedora Update for amarok FEDORA-2008-7739
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
USN-657-1: Amarok vulnerability
Dwayne Litzenberger discovered that Amarok created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. CVE-2008-3699...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3699. Reason: This candidate is a duplicate of CVE-2008-3699. Notes: All CVE users should reference CVE-2008-3699 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Gentoo Security Advisory GLSA 200809-08 (amarok)
The remote host is missing updates announced in advisory GLSA 200809-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 8 : amarok-1.4.10-1.fc8 (2008-7719)
Amarok 1.4.10 has been released to fix a security problem. For more information please see http://amarok.kde.org/en/node/535/ Please update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
[slackware-security] amarok
New Amarok packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. In addition, new supporting libgpod packages are available for Slackware 11.0 and 12.0, since a newer version of libgpod than shipped with these releases is required to run Amarok version 1.4.10...
[ MDVSA-2008:172 ] amarok
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:172 http://www.mandriva.com/security/ Package : amarok Date : August 15, 2008 Affected: 2008.0, 2008.1 Problem Description: A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary fil...
CVE-2008-3699
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the albuminfo.xml temporary file...
CVE-2008-3699
CVE-2008-3699 affects Amarok up to version 1.4.10, where MagnatuneBrowser::listDownloadComplete in magnatunebrowser.cpp could allow a local user to overwrite arbitrary files via a symlink attack on a temporary album_info.xml file. Public iterations in connected advisories confirm the issue and re...