2 matches found
Arbitrary file deletion
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file...
Cross site scripting
Cross-site scripting XSS vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted 1 file or 2 process name, which triggers an Access Vector Cache AVC log entry in a log file used during composition of HTML documents for sealert...