editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-12-08
Updated
2008-12-09
The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-07-05
Updated
2008-09-05
2 vulnerabilities found