Lucene search
Ubuntu.comUB:CVE-2008-5140HistoryNov 18, 2008 - 12:00 a.m.
CVE-2008-5140
2008-11-1800:00:00
ubuntu.com
ubuntu.com
5
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
trend-autoupdate.new in mailscanner 4.55.10 and other versions before
4.74.16-1 allows local users to overwrite arbitrary files via a symlink
attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.
Notes
| Author | Note |
|---|---|
| jdstrand | Per Debian, script should only used when the private Trend Micro antivirus is installed |
Related
cve
cve
CVE-2008-5140
2008-11-18 16:00:00
CVE-2008-5312
2008-12-03 17:30:00
prion
prion
Design/Logic Flaw
2008-11-18 16:00:00
Design/Logic Flaw
2008-12-03 17:30:00
securityvulns
securityvulns
mailscanner symbolic links vulnerability
2008-12-23 00:00:00
[ MDVA-2008:241 ] mailscanner
2008-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2008-5312
2008-12-03 00:00:00
openvas
openvas
Ubuntu USN-697-1 (imlib2)
2008-12-29 00:00:00
Ubuntu USN-698-2 (nagios3)
2008-12-29 00:00:00
Ubuntu USN-699-1 (blender)
2008-12-29 00:00:00
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
Related for UB:CVE-2008-5140