3 matches found
CVE-2008-4998
postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid...
CVE-2008-4998
postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid...
CVE-2008-4998
CVE-2008-4998 affects TWiki 4.1.2: the postinst script allows a local user to overwrite arbitrary files via a symlink attack on /tmp/twiki. Multiple connected sources corroborate the issue, with vendor dispute noting the bug is invalid. The documents do not specify a fix or mitigations. The explo...