CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13451 CVE-2008-4958 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
13452 CVE-2008-4957 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
13453 CVE-2008-4956 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
13454 CVE-2008-4955 59 2008-11-05 2009-07-20
6.2
None Local High Not required Complete Complete Complete
freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code.
13455 CVE-2008-4954 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.
13456 CVE-2008-4953 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks."
13457 CVE-2008-4952 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
13458 CVE-2008-4951 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.
13459 CVE-2008-4950 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot."
13460 CVE-2008-4949 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.
13461 CVE-2008-4948 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
13462 CVE-2008-4947 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
13463 CVE-2008-4946 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/.
13464 CVE-2008-4945 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory.
13465 CVE-2008-4944 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
13466 CVE-2008-4943 59 2008-11-05 2009-07-21
6.9
Admin Local Medium Not required Complete Complete Complete
bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts.
13467 CVE-2008-4942 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.
13468 CVE-2008-4941 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.
13469 CVE-2008-4940 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
13470 CVE-2008-4939 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts.
13471 CVE-2008-4938 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####, (b) /tmp/#####.intro, (c) /tmp/aegis.#####.ae, (d) /tmp/aegis.#####, (e) /tmp/aegis.#####.1, (f) /tmp/aegis.#####.2, (g) /tmp/aegis.#####.log, and (h) /tmp/aegis.#####.out temporary files, related to the (1) bng_dvlpd.sh, (2) bng_rvwd.sh, (3) awt_dvlp.sh, (4) awt_intgrtn.sh, and (5) aegis.cgi scripts.
13472 CVE-2008-4936 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
13473 CVE-2008-4935 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file.
13474 CVE-2008-4915 264 +Priv 2008-11-10 2018-11-02
6.9
Admin Local Medium Not required Complete Complete Complete
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.
13475 CVE-2008-4904 89 Exec Code Sql 2008-11-03 2017-08-07
6.0
User Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter.
13476 CVE-2008-4899 352 CSRF 2008-11-03 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors.
13477 CVE-2008-4897 89 1 Exec Code Sql 2008-11-03 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in fichiers/add_url.php in Logz podcast CMS 1.3.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the art parameter.
13478 CVE-2008-4877 89 Exec Code Sql 2008-11-01 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information.
13479 CVE-2008-4875 22 Dir. Trav. 2008-11-01 2018-10-11
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in the web server in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a GET request. NOTE: this can be leveraged with CVE-2008-4874 for unauthenticated access to sensitive files such as (1) save.dat and (2) apply.log, which can contain other credentials such as the Skype username and password.
13480 CVE-2008-4863 Exec Code 2008-10-31 2010-04-15
6.9
Admin Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.
13481 CVE-2008-4832 59 2008-11-17 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.
13482 CVE-2008-4822 264 Bypass 2008-11-10 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
Adobe Flash Player 9.0.124.0 and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy.
13483 CVE-2008-4819 2008-11-10 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.
13484 CVE-2008-4792 264 Bypass 2008-10-29 2018-11-02
6.0
User Remote Medium Single system Partial Partial Partial
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
13485 CVE-2008-4791 264 Bypass 2008-10-29 2018-11-02
6.0
User Remote Medium Single system Partial Partial Partial
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
13486 CVE-2008-4790 264 Bypass 2008-10-29 2017-08-07
6.0
User Remote Medium Single system Partial Partial Partial
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
13487 CVE-2008-4789 264 Bypass 2008-10-29 2017-08-07
6.0
User Remote Medium Single system Partial Partial Partial
The validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "logic error."
13488 CVE-2008-4780 22 Dir. Trav. 2008-10-29 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter.
13489 CVE-2008-4760 89 Exec Code Sql 2008-10-27 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
13490 CVE-2008-4739 22 Dir. Trav. 2008-10-24 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the navi parameter.
13491 CVE-2008-4729 119 Exec Code Overflow 2008-10-23 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0.
13492 CVE-2008-4712 22 Dir. Trav. 2008-10-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter.
13493 CVE-2008-4711 89 Exec Code Sql 2008-10-23 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php.
13494 CVE-2008-4701 89 Exec Code Sql 2008-10-22 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
13495 CVE-2008-4700 89 Exec Code Sql 2008-10-22 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
13496 CVE-2008-4679 287 Bypass 2008-10-22 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEnabled method on the PKIXBuilderParameters object, which prevents the "Java security method" from checking the revocation status of X.509 certificates and allows remote attackers to bypass intended access restrictions via a SOAP message with a revoked certificate.
13497 CVE-2008-4676 264 +Priv 2008-10-22 2017-08-07
6.8
Admin Local Low Single system Complete Complete Complete
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain.
13498 CVE-2008-4674 89 Exec Code Sql 2008-10-22 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode.
13499 CVE-2008-4666 89 Exec Code Sql 2008-10-22 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.
13500 CVE-2008-4662 22 Dir. Trav. 2008-10-21 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.