2 matches found
CVE-2008-1901
CVE-2008-1901 affects aptlinex before 0.91, where a local user can overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. The issue arises from a symlink-based race in handling the lock file, enabling local privilege impact with complete confidentiality, integrity, ...
CVE-2008-1902
The CVE concerns the GUI for aptlinex prior to version 0.91, where insufficient user warning for potentially dangerous actions could let an attacker remove or modify packages via an apt:// URL. Affected component: aptlinex GUI; Root cause: inadequate confirmation/notification of dangerous actions...