Total
1174 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-0017 | 1 Exim | 1 Exim | 2024-08-06 | N/A |
The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack. | ||||
CVE-2012-6114 | 1 Git-extras Project | 1 Git-extras | 2024-08-06 | 5.5 Medium |
The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. | ||||
CVE-2012-5564 | 1 Google | 1 Android Debug Bridge | 2024-08-06 | N/A |
android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log. | ||||
CVE-2012-5355 | 1 Bryce Harrington | 1 Xdiagnose | 2024-08-06 | N/A |
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. | ||||
CVE-2012-5303 | 1 Monkey-project | 1 Monkey | 2024-08-06 | N/A |
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname. | ||||
CVE-2012-4510 | 1 Cups-pk-helper Project | 1 Cups-pk-helper | 2024-08-06 | N/A |
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources. | ||||
CVE-2012-4455 | 1 Opencryptoki Project | 1 Opencryptoki | 2024-08-06 | N/A |
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/. | ||||
CVE-2012-3440 | 2 Redhat, Todd Miller | 2 Enterprise Linux, Sudo | 2024-08-06 | N/A |
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. | ||||
CVE-2012-3345 | 1 Ioquake3 | 1 Ioquake3 Engine | 2024-08-06 | N/A |
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file. | ||||
CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2024-08-06 | N/A |
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | ||||
CVE-2012-2945 | 1 Apache | 1 Hadoop | 2024-08-06 | 7.5 High |
Hadoop 1.0.3 contains a symlink vulnerability. | ||||
CVE-2012-2093 | 1 Gajim | 1 Gajim | 2024-08-06 | N/A |
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function. | ||||
CVE-2012-2103 | 1 Munin-monitoring | 1 Munin | 2024-08-06 | N/A |
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. | ||||
CVE-2012-1093 | 1 Debian | 2 Debian Linux, X11-common | 2024-08-06 | 7.8 High |
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation. | ||||
CVE-2012-1088 | 1 Iproute2 Project | 1 Iproute2 | 2024-08-06 | N/A |
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. | ||||
CVE-2012-0871 | 2 Opensuse, Systemd Project | 2 Opensuse, Systemd | 2024-08-06 | N/A |
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. | ||||
CVE-2012-0808 | 1 Bdale Garbee | 1 As31 | 2024-08-06 | N/A |
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack. | ||||
CVE-2012-0786 | 2 Augeas, Redhat | 3 Augeas, Enterprise Linux, Storage | 2024-08-06 | N/A |
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. | ||||
CVE-2013-7393 | 1 Apache | 1 Subversion | 2024-08-06 | N/A |
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on different affected versions (ADT3). | ||||
CVE-2013-6891 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2024-08-06 | N/A |
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. |