24 matches found
CLSA-2026-1779279626 vim: Fix of CVE-2026-42307
CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...
EUVD-2008-7226
Malware in sbrugna...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
CVE-2008-7273 describes a symlink issue in Iceweasel-firegpg before 0.6 caused by insecure tempfile handling. Affected component is Iceweasel-firegpg; root cause is insecure tempfile handling leading to a symlink-related vulnerability. The CVSS data in the linked records indicates a local attack ...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
CVE-2011-3618 relates to a symlink attack caused by insecure tempfile handling in the tool described as “atop.” The linked records (NVD, OSV, Debian/Ubuntu trackers and others) consistently cite this issue as a local‑attack vulnerability with insecure tempfile handling, leading to potential expos...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
Insecure tempfile handling Vulnerability in TWiki (Sep 2008)
TWiki is prone to an insecure temp file handling vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:twiki:twiki";...
[Full-disclosure] SimpleCDR-X - Insecure tempfile handling
SimpleCDR-X - Insecure tempfile handling +----------------------------------------+ Date: 2005-09-15 URL: http://ogre.rocky-road.net/cdr.shtml Vendor Notified: Days ago, no answer. Version: 1.3.3 latest - Description - Files beeing recorded can be read by any user on the system due to insecure...
Fedora Core 3 : kdeedu-3.4.2-0.fc3.2 (2005-745)
Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked. The script uses known filenames in /tmp which allow an local attacker to overwrite files writeable by the user...
GLSA-200411-22 : Davfs2, lvm-user: Insecure tempfile handling
The remote host is affected by the vulnerability described in GLSA-200411-22 Davfs2, lvm-user: Insecure tempfile handling Florian Schilhabel from the Gentoo Linux Security Audit Team found that Davfs2 insecurely created .pid files in /tmp. Furthermore, Trustix Secure Linux found that the...
GLSA-200411-17 : mtink: Insecure tempfile handling
The remote host is affected by the vulnerability described in GLSA-200411-17 mtink: Insecure tempfile handling Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. Impact : A local attacker could create symbolic links in the temporary files directory...
mtink: Insecure tempfile handling
Background mtink is a status monitor and inkjet cartridge changer for some Epson printers. Description Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. Impact A local attacker could create symbolic links in the temporary files directory, pointing...
GLSA-200410-25 : Netatalk: Insecure tempfile handling in etc2ps.sh
The remote host is affected by the vulnerability described in GLSA-200410-25 Netatalk: Insecure tempfile handling in etc2ps.sh The etc2ps.sh script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the temporary...
Netatalk: Insecure tempfile handling in etc2ps.sh
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description The etc2ps.sh script creates temporary files in...
GLSA-200410-19 : glibc: Insecure tempfile handling in catchsegv script
The remote host is affected by the vulnerability described in GLSA-200410-19 glibc: Insecure tempfile handling in catchsegv script The catchsegv script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the...
glibc: Insecure tempfile handling in catchsegv script
Background glibc is a package that contains the GNU C library. Description The catchsegv script creates temporary files in world-writeable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere o...