Filtered by vendor
Subscriptions
Total
1234 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-3919 | 3 Debian, Redhat, Xensource Inc | 3 Debian Linux, Enterprise Linux, Xen | 2024-11-21 | N/A |
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | ||||
CVE-2007-3916 | 1 Skk Openlab | 1 Skk Tools | 2024-11-21 | N/A |
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file. | ||||
CVE-2007-3742 | 1 Apple | 2 Iphone, Safari | 2024-11-21 | N/A |
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. | ||||
CVE-2007-3103 | 2 Fedoraproject, Redhat | 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-11-21 | N/A |
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | ||||
CVE-2007-2978 | 1 Eggblog | 1 Eggblog | 2024-11-21 | N/A |
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
CVE-2007-1027 | 1 Ibm | 1 Db2 | 2024-11-21 | N/A |
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file. | ||||
CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2024-11-21 | N/A |
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. | ||||
CVE-2006-1247 | 1 Ibm | 1 Aix | 2024-11-21 | N/A |
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2024-11-21 | N/A |
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||||
CVE-2005-3126 | 1 Antiword | 1 Antiword | 2024-11-21 | N/A |
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. | ||||
CVE-2005-3011 | 2 Gnu, Redhat | 2 Texinfo, Enterprise Linux | 2024-11-21 | N/A |
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
CVE-2005-2991 | 1 Ncompress | 1 Ncompress | 2024-11-21 | 5.0 Medium |
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970. | ||||
CVE-2005-2714 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. | ||||
CVE-2005-2527 | 1 Sun | 1 Java | 2024-11-21 | N/A |
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. | ||||
CVE-2005-1916 | 2 Debian, Ekg Project | 2 Debian Linux, Ekg | 2024-11-21 | 5.5 Medium |
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | ||||
CVE-2005-1880 | 1 Everybuddy | 1 Everybuddy | 2024-11-21 | 5.5 Medium |
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
CVE-2005-1879 | 1 Lutel | 1 Lutelwall | 2024-11-21 | 5.5 Medium |
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
CVE-2005-1111 | 4 Canonical, Debian, Gnu and 1 more | 4 Ubuntu Linux, Debian Linux, Cpio and 1 more | 2024-11-21 | 4.7 Medium |
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | ||||
CVE-2005-0824 | 1 Mathopd | 1 Mathopd | 2024-11-21 | 5.5 Medium |
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal. | ||||
CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2024-11-21 | 6.5 Medium |
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. |