Total
1417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3699 | 1 Amarok | 1 Amarok | 2025-04-09 | 3.3 LOW | N/A |
|
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
|
|||||
| CVE-2008-4987 | 1 Xastir | 1 Xastir | 2025-04-09 | 6.9 MEDIUM | N/A |
|
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.
|
|||||
| CVE-2008-5313 | 1 Mailscanner | 1 Mailscanner | 2025-04-09 | 6.9 MEDIUM | N/A |
|
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) W ...
Show More |
|||||
| CVE-2009-3304 | 1 Gforge | 1 Gforge | 2025-04-09 | 3.3 LOW | N/A |
|
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.
|
|||||
| CVE-2009-1253 | 1 James Stone | 1 Tunapie | 2025-04-09 | 4.4 MEDIUM | N/A |
|
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file.
|
|||||
| CVE-2008-0883 | 2 Adobe, Suse | 4 Acrobat Reader, Open Suse, Suse Linux and 1 more | 2025-04-09 | 3.7 LOW | N/A |
|
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
|
|||||
| CVE-2008-4981 | 1 Remi Vanicat | 1 Realtimebattle | 2025-04-09 | 6.9 MEDIUM | N/A |
|
perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file.
|
|||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter.
|
|||||
| CVE-2008-3261 | 1 Claroline | 1 Claroline | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
|
|||||
| CVE-2008-5366 | 1 Marco D\'itri | 1 Ppp | 2025-04-09 | 6.9 MEDIUM | N/A |
|
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.
|
|||||
| CVE-2008-4997 | 1 Pilot-qof | 1 Datafreedom-perl | 2025-04-09 | 6.9 MEDIUM | N/A |
|
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
|
|||||
| CVE-2008-3930 | 1 Debian | 1 Citadel Server | 2025-04-09 | 6.9 MEDIUM | N/A |
|
migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
|||||
| CVE-2008-4979 | 1 Shrubbery | 1 Rancid | 2025-04-09 | 6.9 MEDIUM | N/A |
|
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files.
|
|||||
| CVE-2008-4190 | 2 Openswan, Xelerance | 2 Openswan, Openswan | 2025-04-09 | 4.4 MEDIUM | N/A |
|
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.
|
|||||
| CVE-2008-4998 | 1 Twiki | 1 Twiki | 2025-04-09 | 6.9 MEDIUM | N/A |
|
postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid.
|
|||||
| CVE-2008-4985 | 1 Cadsoft | 1 Vdr | 2025-04-09 | 6.9 MEDIUM | N/A |
|
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file.
|
|||||
| CVE-2008-4986 | 1 Georges Khaznadar | 1 Wims | 2025-04-09 | 6.9 MEDIUM | N/A |
|
wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts.
|
|||||
| CVE-2008-3329 | 1 Twibright | 1 Links | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
|
|||||
| CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2025-04-09 | 7.2 HIGH | N/A |
|
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-4942 | 1 Audiolink | 1 Audiolink | 2025-04-09 | 6.9 MEDIUM | N/A |
|
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.
|
|||||
| CVE-2008-5139 | 1 Javier Fernandez | 1 Jailer | 2025-04-09 | 6.9 MEDIUM | N/A |
|
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
|
|||||
| CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2025-04-09 | 6.9 MEDIUM | N/A |
|
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
|
|||||
| CVE-2007-6208 | 1 Claws Mail | 1 Claws Mail Tools | 2025-04-09 | 3.6 LOW | N/A |
|
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
|
|||||
| CVE-2008-5704 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 7.6 HIGH | N/A |
|
src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380.
|
|||||
| CVE-2008-5143 | 1 Mohammed Sameer | 1 Multi-gnome-terminal | 2025-04-09 | 6.9 MEDIUM | N/A |
|
mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file.
|
|||||
| CVE-2008-2311 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.6 HIGH | N/A |
|
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.
|
|||||
| CVE-2008-0665 | 1 Website Meta Language | 1 Website Meta Language | 2025-04-09 | 3.6 LOW | N/A |
|
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
|
|||||
| CVE-2008-4956 | 1 Firewallbuilder | 1 Fwbuilder | 2025-04-09 | 6.9 MEDIUM | N/A |
|
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
|
|||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2025-04-09 | 6.9 MEDIUM | N/A |
|
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
|
|||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2025-04-09 | 6.9 MEDIUM | 5.5 MEDIUM |
|
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable.
|
|||||
| CVE-2008-4580 | 1 Gentoo | 2 Cman, Fence | 2025-04-09 | 7.2 HIGH | N/A |
|
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
|
|||||
| CVE-2009-0473 | 1 Rockwellautomation | 1 Controllogix 1756-enbt\/a Ethernet\/ Ip Bridge | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
|||||
| CVE-2007-6595 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | 2.1 LOW | N/A |
|
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
|
|||||
| CVE-2007-5839 | 1 Bitchx | 1 Bitchx | 2025-04-09 | 4.6 MEDIUM | N/A |
|
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command.
|
|||||
| CVE-2008-5825 | 1 Nokia | 1 6131 Nfc | 2025-04-09 | 2.6 LOW | N/A |
|
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purch ...
Show More |
|||||
| CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2025-04-09 | 6.9 MEDIUM | N/A |
|
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file.
|
|||||
| CVE-2008-3946 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
|
|||||
| CVE-2008-7247 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-09 | 6.0 MEDIUM | N/A |
|
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
|
|||||
| CVE-2008-1694 | 1 Gnu | 2 Emacs, Sccs | 2025-04-09 | 4.6 MEDIUM | N/A |
|
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
|||||
| CVE-2008-4944 | 1 Gleydson Mazioli Da Silva | 1 Cdcontrol | 2025-04-09 | 6.9 MEDIUM | N/A |
|
writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
|
|||||