2 matches found
CVE-2008-4987
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the a /tmp/ldconfig.tmp, b /tmp/ldconf.tmp, and c /tmp/ld.so.conf temporary files, related to the 1 get-maptools.sh and 2 getshapelib.sh scripts...
CVE-2008-4987
Xastir 1.9.2 is vulnerable to a local privilege issue: a symlink attack can overwrite arbitrary files via /tmp/ldconfig.tmp, /tmp/ldconf.tmp, and /tmp/ld.so.conf, related to the get-maptools.sh and get_shapelib.sh scripts. CVSS 2.0 base score 6.9 (LOCAL, MEDIUM). Fedora advisories FEDORA-2008-726...