Total
1417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1241 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-09 | 4.3 MEDIUM | N/A |
|
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
|
|||||
| CVE-2008-5312 | 1 Mailscanner | 1 Mailscanner | 2025-04-09 | 6.9 MEDIUM | N/A |
|
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.
|
|||||
| CVE-2008-4973 | 1 Debian | 1 Myspell | 2025-04-09 | 6.9 MEDIUM | N/A |
|
i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.
|
|||||
| CVE-2008-4950 | 1 Debian | 1 Dpkg-cross | 2025-04-09 | 6.9 MEDIUM | N/A |
|
gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot.
|
|||||
| CVE-2008-6759 | 1 Viart | 1 Viart Shop | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message.
|
|||||
| CVE-2008-4978 | 1 Radiance | 1 Radiance | 2025-04-09 | 6.9 MEDIUM | N/A |
|
radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts.
|
|||||
| CVE-2008-5137 | 1 Tkman | 1 Tkman | 2025-04-09 | 6.9 MEDIUM | N/A |
|
tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file.
|
|||||
| CVE-2008-5374 | 1 Matthias Klose | 1 Bash-doc | 2025-04-09 | 6.9 MEDIUM | N/A |
|
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts.
|
|||||
| CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 2.1 LOW | N/A |
|
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
|
|||||
| CVE-2008-5377 | 1 Apple | 1 Cups | 2025-04-09 | 6.9 MEDIUM | N/A |
|
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
|
|||||
| CVE-2008-5135 | 1 Debian | 1 Os-prober | 2025-04-09 | 6.2 MEDIUM | N/A |
|
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.
|
|||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL.
|
|||||
| CVE-2008-4952 | 1 Emacs | 1 Emacs-jabber | 2025-04-09 | 6.9 MEDIUM | N/A |
|
emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
|
|||||
| CVE-2008-4941 | 1 Arb Project | 1 Arb-common | 2025-04-09 | 6.9 MEDIUM | N/A |
|
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.
|
|||||
| CVE-2009-1753 | 1 Emn | 1 Coccinelle | 2025-04-09 | 3.3 LOW | N/A |
|
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
|
|||||
| CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2025-04-09 | 6.9 MEDIUM | N/A |
|
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.
|
|||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2025-04-09 | 6.9 MEDIUM | N/A |
|
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
|
|||||
| CVE-2008-4988 | 1 Lars Bahner | 1 Xcal | 2025-04-09 | 6.9 MEDIUM | N/A |
|
pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file.
|
|||||
| CVE-2007-4631 | 1 Qgit | 1 Qgit | 2025-04-09 | 6.9 MEDIUM | N/A |
|
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
|
|||||
| CVE-1999-1593 | 1 Microsoft | 3 Windows 2000, Windows 95, Windows 98 | 2025-04-09 | 7.6 HIGH | N/A |
|
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
|
|||||
| CVE-2008-5142 | 1 Freebsd | 1 Freebsd-sendpr | 2025-04-09 | 6.9 MEDIUM | N/A |
|
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.
|
|||||
| CVE-2007-3921 | 1 Gforge | 1 Gforge | 2025-04-09 | 3.3 LOW | N/A |
|
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.
|
|||||
| CVE-2008-4949 | 1 Manoj Srivastava | 1 Dist | 2025-04-09 | 6.9 MEDIUM | N/A |
|
dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.
|
|||||
| CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2025-04-09 | 6.9 MEDIUM | N/A |
|
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
|||||
| CVE-2008-5378 | 1 Lehrstuhl Fur Mikrobiologie | 1 Arb | 2025-04-09 | 6.9 MEDIUM | N/A |
|
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file.
|
|||||
| CVE-2008-4971 | 1 Align.bmr.kyushu-u.ac | 1 Mafft | 2025-04-09 | 6.9 MEDIUM | N/A |
|
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files.
|
|||||
| CVE-2007-5437 | 1 Broadcom | 1 Etrust Integrated Threat Management | 2025-04-09 | 5.8 MEDIUM | N/A |
|
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
|
|||||
| CVE-2008-4965 | 1 Savonet | 1 Liguidsoap | 2025-04-09 | 6.9 MEDIUM | N/A |
|
liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.
|
|||||
| CVE-2008-3521 | 1 Jasper Project | 1 Jasper | 2025-04-09 | 7.2 HIGH | N/A |
|
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
|
|||||
| CVE-2008-3456 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | 6.4 MEDIUM | N/A |
|
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
|
|||||
| CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | 7.5 HIGH | N/A |
|
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
|
|||||
| CVE-2008-4964 | 1 Krzysztof Kozlowski | 1 Konwert | 2025-04-09 | 6.9 MEDIUM | N/A |
|
filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
|
|||||
| CVE-2007-5940 | 1 Tug | 1 Texlive 2007 | 2025-04-09 | 4.6 MEDIUM | N/A |
|
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file.
|
|||||
| CVE-2008-5157 | 1 Uoregon | 1 Tau | 2025-04-09 | 6.9 MEDIUM | N/A |
|
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.
|
|||||
| CVE-2008-5149 | 1 Aucko | 1 Libncbi6 | 2025-04-09 | 6.9 MEDIUM | N/A |
|
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
|
|||||
| CVE-2008-3216 | 1 Debian | 1 Projectl | 2025-04-09 | 4.6 MEDIUM | N/A |
|
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
|
|||||
| CVE-2009-1297 | 2 Novell, Opensuse | 2 Suse Linux, Opensuse | 2025-04-09 | 4.4 MEDIUM | N/A |
|
iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name.
|
|||||
| CVE-2008-5369 | 1 No-ip | 1 No-ip2 | 2025-04-09 | 6.9 MEDIUM | N/A |
|
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
|
|||||
| CVE-2008-4995 | 1 Jose M.vidal | 1 Bk2site | 2025-04-09 | 6.9 MEDIUM | N/A |
|
redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default.
|
|||||
| CVE-2008-5375 | 1 Cmus | 1 Cmus | 2025-04-09 | 6.9 MEDIUM | N/A |
|
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file.
|
|||||