VYPR

Xsabre

by Debian

CVEs (2)

  • CVE-2008-4407Oct 3, 2008
    risk 0.00cvss epss 0.00

    XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten.

  • CVE-2008-4406Oct 3, 2008
    risk 0.00cvss epss 0.00

    A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.