210 matches found
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
DEBIAN-CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
CVE-2011-3618 relates to a symlink attack caused by insecure tempfile handling in the tool described as “atop.” The linked records (NVD, OSV, Debian/Ubuntu trackers and others) consistently cite this issue as a local‑attack vulnerability with insecure tempfile handling, leading to potential expos...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...
CVE-2018-17955 Static tempfile name allows overwriting of arbitrary files
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection...
ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...
ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...
ghostscript: .tempfile file permission issues (699657)
It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibly exploit this to exploit this to bypass the -dSAFER protection and delete files or disclose their content via a specially crafted PostScript document...
RHEL 7 : ghostscript (RHSA-2018:3650)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3650 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...
EulerOS Virtualization 2.5.1 : ruby (EulerOS-SA-2018-1275)
According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name...
Artifex Ghostscript Restriction Bypass Vulnerability
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A restriction bypa...
CVE-2018-15908
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...
Code injection
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...
CVE-2018-15908
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...
DEBIAN-CVE-2018-15908
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...