VYPR

CVEs

344,987 total · page 6236 of 6,900

  • CVE-2008-4973Nov 6, 2008
    risk 0.00cvss epss 0.00

    i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.

  • CVE-2008-4972Nov 6, 2008
    risk 0.00cvss epss 0.00

    mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file.

  • CVE-2008-4971Nov 6, 2008
    risk 0.00cvss epss 0.00

    mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary…

  • CVE-2008-4970Nov 6, 2008
    risk 0.00cvss epss 0.00

    runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.

  • CVE-2008-4969Nov 6, 2008
    risk 0.00cvss epss 0.00

    ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h)…

  • CVE-2008-4968Nov 6, 2008
    risk 0.00cvss epss 0.00

    The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.

  • CVE-2008-4967Nov 6, 2008
    risk 0.00cvss epss 0.00

    linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.

  • CVE-2008-4966Nov 6, 2008
    risk 0.00cvss epss 0.00

    linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts.

  • CVE-2008-4965Nov 6, 2008
    risk 0.00cvss epss 0.00

    liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.

  • CVE-2008-4964Nov 6, 2008
    risk 0.00cvss epss 0.00

    filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.

  • CVE-2008-4963Nov 6, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface…

  • CVE-2008-4395Nov 6, 2008
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

  • CVE-2008-4960Nov 5, 2008
    risk 0.00cvss epss 0.00

    impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.

  • CVE-2008-4959Nov 5, 2008
    risk 0.00cvss epss 0.00

    geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files.

  • CVE-2008-4958Nov 5, 2008
    risk 0.00cvss epss 0.00

    gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.

  • CVE-2008-4957Nov 5, 2008
    risk 0.00cvss epss 0.00

    find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.

  • CVE-2008-4956Nov 5, 2008
    risk 0.00cvss epss 0.00

    fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.

  • CVE-2008-4955Nov 5, 2008
    risk 0.00cvss epss 0.00

    freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is…

  • CVE-2008-4954Nov 5, 2008
    risk 0.00cvss epss 0.00

    mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.

  • CVE-2008-4953Nov 5, 2008
    risk 0.00cvss epss 0.00

    firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create…

  • CVE-2008-4952Nov 5, 2008
    risk 0.00cvss epss 0.00

    emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.

  • CVE-2008-4951Nov 5, 2008
    risk 0.00cvss epss 0.00

    dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.

  • CVE-2008-4950Nov 5, 2008
    risk 0.00cvss epss 0.00

    gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific…

  • CVE-2008-4949Nov 5, 2008
    risk 0.00cvss epss 0.00

    dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.

  • CVE-2008-4948Nov 5, 2008
    risk 0.00cvss epss 0.00

    fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.

  • CVE-2008-4947Nov 5, 2008
    risk 0.00cvss epss 0.00

    dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.

  • CVE-2008-4946Nov 5, 2008
    risk 0.00cvss epss 0.00

    convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5)…

  • CVE-2008-4945Nov 5, 2008
    risk 0.00cvss epss 0.00

    amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory.

  • CVE-2008-4944Nov 5, 2008
    risk 0.00cvss epss 0.00

    writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.

  • CVE-2008-4943Nov 5, 2008
    risk 0.00cvss epss 0.00

    bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4)…

  • CVE-2008-4942Nov 5, 2008
    risk 0.00cvss epss 0.00

    audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.

  • CVE-2008-4941Nov 5, 2008
    risk 0.00cvss epss 0.00

    arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.

  • CVE-2008-4940Nov 5, 2008
    risk 0.00cvss epss 0.00

    xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.

  • CVE-2008-4939Nov 5, 2008
    risk 0.00cvss epss 0.00

    apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h)…

  • CVE-2008-4938Nov 5, 2008
    risk 0.00cvss epss 0.00

    aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h)…

  • CVE-2008-4937Nov 5, 2008
    risk 0.00cvss epss 0.00

    senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.

  • CVE-2008-4936Nov 5, 2008
    risk 0.00cvss epss 0.00

    faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.

  • CVE-2008-4935Nov 5, 2008
    risk 0.00cvss epss 0.00

    asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file.

  • CVE-2008-4934Nov 5, 2008
    risk 0.00cvss epss 0.03

    The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted…

  • CVE-2008-4933Nov 5, 2008
    risk 0.00cvss epss 0.03

    Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to…

  • CVE-2008-4932Nov 5, 2008
    risk 0.03cvss epss 0.06

    webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a…

  • CVE-2008-4931Nov 5, 2008
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.

  • CVE-2008-4817Nov 5, 2008
    risk 0.01cvss epss 0.09

    The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.

  • CVE-2008-4816Nov 5, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors.

  • CVE-2008-4815Nov 5, 2008
    risk 0.01cvss epss 0.08

    Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH.

  • CVE-2008-4814Nov 5, 2008
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."

  • CVE-2008-4813Nov 5, 2008
    risk 0.01cvss epss 0.10

    Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that (1) performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or (2) contains a…

  • CVE-2008-4812Nov 5, 2008
    risk 0.01cvss epss 0.09

    Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts.

  • CVE-2008-3527Nov 5, 2008
    risk 0.00cvss epss 0.00

    arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the…

  • CVE-2008-4930Nov 4, 2008
    risk 0.00cvss epss 0.01

    MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded file with a nonstandard file type that contains HTML sequences, which allows remote attackers to cause that file to be processed as HTML by Internet Explorer's content inspection, aka "Incomplete protection…