Search Results (1855 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4977 1 Postfix 1 Postfix 2026-04-23 N/A
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
CVE-2008-4104 1 Joomla 1 Joomla 2026-04-23 N/A
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
CVE-2008-4580 1 Gentoo 2 Cman, Fence 2026-04-23 N/A
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
CVE-2008-4997 1 Pilot-qof 1 Datafreedom-perl 2026-04-23 N/A
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
CVE-2008-4984 1 Freedesktop 1 Scratchbox2 2026-04-23 N/A
scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.
CVE-2008-4987 1 Xastir 1 Xastir 2026-04-23 N/A
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.
CVE-2008-4993 2 Redhat, Xen 2 Enterprise Linux, Xen 2026-04-23 N/A
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file.
CVE-2008-4982 1 John Horne 1 Rkhunter 2026-04-23 N/A
rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270.
CVE-2008-1694 1 Gnu 2 Emacs, Sccs 2026-04-23 N/A
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2008-4960 1 Dov Grobgeld 1 Impose\+ 2026-04-23 N/A
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.
CVE-2008-4964 1 Krzysztof Kozlowski 1 Konwert 2026-04-23 N/A
filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
CVE-2008-4958 1 Alejandro Garrido Mota 1 Gdrae 2026-04-23 N/A
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
CVE-2008-5825 1 Nokia 1 6131 Nfc 2026-04-23 N/A
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone.
CVE-2009-0313 1 Kegel 1 Winetricks 2026-04-23 N/A
winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file.
CVE-2008-3456 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
CVE-2008-4968 1 Bitmover 1 Lmbench 2026-04-23 N/A
The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.
CVE-2008-4908 2 Crossfire, Debian 2 Crossfire, Debian Linux 2026-04-23 N/A
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2008-5369 1 No-ip 1 No-ip2 2026-04-23 N/A
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
CVE-2008-4976 1 Alan Woodland 2 Ogle, Ogle-mmx 2026-04-23 N/A
ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts.
CVE-2008-4951 1 Gplhost 1 Dtc-common 2026-04-23 N/A
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.