Search Results (390 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-3423 2 Gnu, Mageia Project 2 Emacs, Mageia 2025-04-12 N/A
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
CVE-2014-3422 2 Gnu, Mageia Project 2 Emacs, Mageia 2025-04-12 N/A
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
CVE-2014-3421 2 Gnu, Mageia Project 2 Emacs, Mageia 2025-04-12 N/A
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
CVE-2014-4039 3 Ppc64-diag Project, Redhat, Suse 4 Ppc64-diag, Enterprise Linux, Enterprise Linux Server and 1 more 2025-04-12 N/A
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
CVE-2013-4472 1 Freedesktop 1 Poppler 2025-04-12 N/A
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
CVE-2014-3981 1 Php 1 Php 2025-04-12 N/A
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
CVE-2014-3563 1 Saltstack 1 Salt 2025-04-12 N/A
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.
CVE-2014-0135 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Kafo 2025-04-12 N/A
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.
CVE-2014-4038 3 Ppc64-diag Project, Redhat, Suse 4 Ppc64-diag, Enterprise Linux, Enterprise Linux Server and 1 more 2025-04-12 N/A
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.
CVE-2014-1875 1 Cspan 1 Capture-tiny 2025-04-12 N/A
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2014-1832 1 Phusion 1 Passenger 2025-04-12 N/A
Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831.
CVE-2016-6153 3 Fedoraproject, Opensuse, Sqlite 3 Fedora, Leap, Sqlite 2025-04-12 N/A
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
CVE-2013-6501 2 Php, Suse 2 Php, Linux Enterprise Server 2025-04-12 N/A
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.
CVE-2014-2524 4 Fedoraproject, Gnu, Mageia and 1 more 4 Fedora, Readline, Mageia and 1 more 2025-04-12 N/A
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
CVE-2015-0267 1 Redhat 2 Enterprise Linux, Kexec-tools 2025-04-12 N/A
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2013-6493 1 Redhat 2 Enterprise Linux, Icedtea-web 2025-04-12 N/A
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
CVE-2014-1932 2 Python, Pythonware 2 Pillow, Python Imaging Library 2025-04-12 N/A
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file.
CVE-2001-1593 1 Gnu 1 A2ps 2025-04-12 N/A
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
CVE-2014-4200 2 Redhat, Vmware 4 Enterprise Linux, Tools, Vm-support and 1 more 2025-04-12 N/A
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.
CVE-2014-4199 2 Redhat, Vmware 4 Enterprise Linux, Tools, Vm-support and 1 more 2025-04-12 N/A
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.