Search Results (7481 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3928 1 Debian 1 Honeyd Common 2025-04-09 N/A
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2008-4440 1 Debian 1 Feta 2025-04-09 N/A
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files.
CVE-2009-1753 1 Emn 1 Coccinelle 2025-04-09 N/A
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
CVE-2008-5135 1 Debian 1 Os-prober 2025-04-09 N/A
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.
CVE-2007-5664 1 Ibm 1 Db2 Universal Database 2025-04-09 N/A
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
CVE-2008-4986 1 Georges Khaznadar 1 Wims 2025-04-09 N/A
wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts.
CVE-2007-5437 1 Broadcom 1 Etrust Integrated Threat Management 2025-04-09 N/A
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
CVE-2008-5137 1 Tkman 1 Tkman 2025-04-09 N/A
tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file.
CVE-2008-4104 1 Joomla 1 Joomla 2025-04-09 N/A
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
CVE-2008-4990 1 Enomaly 1 Elastic Computing Platform 2025-04-09 N/A
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
CVE-2008-5139 1 Javier Fernandez 1 Jailer 2025-04-09 N/A
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
CVE-2008-5140 1 Debian 1 Mailscanner 2025-04-09 N/A
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.
CVE-2008-3227 1 Joomla 1 Joomla 2025-04-09 N/A
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVE-2007-5495 2 Redhat, Selinux 3 Enterprise Linux, Enterprise Linux Desktop, Setroubleshoot 2025-04-09 N/A
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.
CVE-2007-5695 1 Sitebar 1 Sitebar 2025-04-09 N/A
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
CVE-2008-4938 1 Aegis 2 Aegis, Aegis-web 2025-04-09 N/A
aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts.
CVE-2008-4940 1 Aptoncd 1 Aptoncd 2025-04-09 N/A
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
CVE-2008-7247 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-09 N/A
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
CVE-1999-1593 1 Microsoft 3 Windows 2000, Windows 95, Windows 98 2025-04-09 N/A
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
CVE-2007-6692 1 Menalto 1 Gallery 2025-04-09 N/A
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.