6 matches found
EUVD-2008-4936
Malware in sbrugna...
Kitware GCC-XML 'find_flags'脚本不安全临时文件建立漏洞
Bugraq ID: 36318 CVE ID: CVE-2008-4957 GCC-XML是一款c++语法分析器,是gcc编译器的前端。 Kitware GCC-XML 'findflags'脚本在/tmp中不安全建立临时文件,本地攻击者可以利用漏洞通过符号链接覆盖系统中任意文件。 Kitware GCC-XML 0.9 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496391...
CVE-2008-4957
findflags in Kitware GCC-XML gccxml 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.cxx temporary file...
Arbitrary file deletion
findflags in Kitware GCC-XML gccxml 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.cxx temporary file...
CVE-2008-4957
findflags in Kitware GCC-XML gccxml 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.cxx temporary file...
CVE-2008-4957
CVE-2008-4957 affects Kitware GCC-XML (gccxml) 0.9.0. The vulnerability arises from insecure temporary file handling in the find_flags routine, which creates/opens a file under /tmp/*.cxx in a way that allows a local attacker to exploit a symlink and overwrite arbitrary files. Impact: potential c...