Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Aug 3, 2005· Updated Apr 16, 2026

CVE-2005-2449

CVE-2005-2449

Description

Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp.

Affected products

14

Sandbox/Sandbox14 versions
cpe:2.3:a:sandbox:sandbox:1.2:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:sandbox:sandbox:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.1_r3:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.5_r1:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.5_r2:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:sandbox:sandbox:1.2.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

www.gentoo.org/security/en/glsa/glsa-200507-22.xmlnvdPatchVendor Advisory
bugs.gentoo.org/show_bug.cginvd
secunia.com/advisories/16214nvd
securitytracker.com/idnvd
www.securityfocus.com/bid/14375nvd
exchange.xforce.ibmcloud.com/vulnerabilities/21519nvd

News mentions

0

No linked articles in our index yet.