Lucene search
Ubuntu.comUB:CVE-2008-0167HistoryMay 18, 2008 - 12:00 a.m.
CVE-2008-0167
2008-05-1800:00:00
ubuntu.com
ubuntu.com
5
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.9%
The write_array_file function in utils/include.pl in GForge 4.5.14 updates
configuration files by truncating them to zero length and then writing new
data, which might allow attackers to bypass intended access restrictions or
have unspecified other impact in opportunistic circumstances.
Related
openvas
openvas
Debian Security Advisory DSA 1577-1 (gforge)
2008-05-27 00:00:00
Debian: Security Advisory (DSA-1577-1)
2008-05-27 00:00:00
nvd
nvd
CVE-2008-0167
2008-05-18 14:20:00
cve
cve
CVE-2008-0167
2008-05-18 14:20:00
debian
debian
[SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files
2008-05-14 15:33:52
nessus
nessus
Debian DSA-1577-1 : gforge - insecure temporary files
2008-05-19 00:00:00
prion
prion
Design/Logic Flaw
2008-05-18 14:20:00
cvelist
cvelist
CVE-2008-0167
2008-05-18 14:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.9%
Related for UB:CVE-2008-0167