CVE

Id
35077  
CVE No.
CVE-2008-4960  
Status
Candidate  
Description
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.  
Phase
Assigned (20081105)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
383819 35077 CVE-2008-4960 MLIST:[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire  View
383820 35077 CVE-2008-4960 URL:http://www.openwall.com/lists/oss-security/2008/10/30/2  View
383821 35077 CVE-2008-4960 MISC:http://uvw.ru/report.lenny.txt  View
383822 35077 CVE-2008-4960 CONFIRM:http://bugs.debian.org/496435  View
383823 35077 CVE-2008-4960 CONFIRM:http://dev.gentoo.org/~rbu/security/debiantemp/impose+  View
383824 35077 CVE-2008-4960 CONFIRM:https://bugs.gentoo.org/show_bug.cgi?id=235770  View
383825 35077 CVE-2008-4960 BID:30906  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
49719 JVNDB-2008-005029 konwert の filters/any-UTF8 における任意のファイルを削除される脆弱性 konwert の filters/any-UTF8 には、任意のファイルを削除される脆弱性が存在します。 CVE-2008-4964 35077 6.9 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005029.html  View