2 matches found
CVE-2010-0118
CVE-2010-0118 concerns the bournal utility. Public details show that a vulnerability existed in bournal before version 1.4.1 where local users could overwrite arbitrary files via a symlink attack on temporary files used during an update check. The Fedora advisories and OpenVAS entries confirm aff...
CVE-2010-0119
CVE-2010-0119 affects Bournal up to version 1.4.1 for FreeBSD 8.0 when the -K option is used. The vulnerability stems from placing the ccrypt key on the command line, enabling a local attacker to obtain sensitive information by listing the process and its arguments (echoing). Connected Fedora adv...