Total
1267 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1253 | 1 James Stone | 1 Tunapie | 2025-04-09 | 4.4 MEDIUM | N/A |
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file. | |||||
CVE-2008-3929 | 1 Ampache | 1 Ampache | 2025-04-09 | 7.2 HIGH | N/A |
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file. | |||||
CVE-2007-5664 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 6.9 MEDIUM | N/A |
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | |||||
CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2025-04-09 | 6.9 MEDIUM | N/A |
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | |||||
CVE-2008-5703 | 1 Gpsdrive | 1 Gpsdrive | 2025-04-09 | 6.2 MEDIUM | N/A |
gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. | |||||
CVE-2008-0930 | 2 Debian, Freshmeat | 2 Debian Linux, Xwine | 2025-04-09 | 7.2 HIGH | N/A |
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-5377 | 1 Apple | 1 Cups | 2025-04-09 | 6.9 MEDIUM | N/A |
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | |||||
CVE-2008-3329 | 1 Twibright | 1 Links | 2025-04-09 | 9.3 HIGH | N/A |
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." | |||||
CVE-2008-3216 | 1 Debian | 1 Projectl | 2025-04-09 | 4.6 MEDIUM | N/A |
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2025-04-09 | 6.9 MEDIUM | 5.5 MEDIUM |
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable. | |||||
CVE-2008-0806 | 1 Paul Pelzl | 1 Wyrd | 2025-04-09 | 3.6 LOW | N/A |
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | |||||
CVE-2008-4982 | 1 John Horne | 1 Rkhunter | 2025-04-09 | 6.9 MEDIUM | N/A |
rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | |||||
CVE-2008-3946 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | |||||
CVE-2007-5200 | 1 Opensuse | 1 Opensuse | 2025-04-09 | 3.3 LOW | N/A |
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | |||||
CVE-2008-3883 | 1 Caudium | 1 Caudium | 2025-04-09 | 7.2 HIGH | N/A |
configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. | |||||
CVE-2008-0883 | 2 Adobe, Suse | 4 Acrobat Reader, Open Suse, Suse Linux and 1 more | 2025-04-09 | 3.7 LOW | N/A |
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | |||||
CVE-2008-3227 | 1 Joomla | 1 Joomla | 2025-04-09 | 7.5 HIGH | N/A |
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability. | |||||
CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2025-04-09 | 6.9 MEDIUM | N/A |
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | |||||
CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | |||||
CVE-2009-4135 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Coreutils | 2025-04-09 | 4.4 MEDIUM | N/A |
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. |