Total
1401 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4639 | 1 Sentex | 1 Jhead | 2025-04-09 | N/A |
| jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2008-4440 | 1 Debian | 1 Feta | 2025-04-09 | N/A |
| The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files. | ||||
| CVE-2008-4939 | 1 Apertium | 1 Apertium | 2025-04-09 | N/A |
| apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts. | ||||
| CVE-2008-4477 | 1 Jim Trocki | 1 Mon | 2025-04-09 | N/A |
| alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file. | ||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2025-04-09 | 5.5 Medium |
| init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable. | ||||
| CVE-2008-5825 | 1 Nokia | 1 6131 Nfc | 2025-04-09 | N/A |
| The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone. | ||||
| CVE-2008-4476 | 1 Sympa | 1 Sympa | 2025-04-09 | N/A |
| sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability. | ||||
| CVE-2008-4977 | 1 Postfix | 1 Postfix | 2025-04-09 | N/A |
| postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it. | ||||
| CVE-2008-4475 | 1 Gnu | 1 Ibackup | 2025-04-09 | N/A |
| ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2008-4162 | 1 Nooms | 1 Nooms | 2025-04-09 | N/A |
| Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | ||||
| CVE-2008-5377 | 1 Apple | 1 Cups | 2025-04-09 | N/A |
| pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | ||||
| CVE-2008-3930 | 1 Debian | 1 Citadel Server | 2025-04-09 | N/A |
| migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2008-3927 | 1 Tiger | 1 Tiger | 2025-04-09 | N/A |
| genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2008-4953 | 1 Firehol | 1 Firehol | 2025-04-09 | N/A |
| firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks. | ||||
| CVE-2008-5378 | 1 Lehrstuhl Fur Mikrobiologie | 1 Arb | 2025-04-09 | N/A |
| arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file. | ||||
| CVE-2008-3883 | 1 Caudium | 1 Caudium | 2025-04-09 | N/A |
| configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken#####.pike temporary file. | ||||
| CVE-2008-5374 | 2 Matthias Klose, Redhat | 2 Bash-doc, Enterprise Linux | 2025-04-09 | N/A |
| bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | ||||
| CVE-2008-3524 | 1 Redhat | 2 Fedora, Initscripts | 2025-04-09 | N/A |
| rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run. | ||||
| CVE-2008-4950 | 1 Debian | 1 Dpkg-cross | 2025-04-09 | N/A |
| gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot. | ||||
| CVE-2008-5706 | 1 Verlihub-project | 1 Verlihub | 2025-04-09 | N/A |
| The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file. | ||||