Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4639

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-4639
Last Modified 28 Dec 2010 12:00:00
Published 21 Oct 2008 02:00:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4639

Summary

jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Vulnerable Systems

Application

  • Sentex Jhead 1.2

  • Sentex Jhead 1.3

  • Sentex Jhead 1.4

  • Sentex Jhead 1.5

  • Sentex Jhead 1.6

  • Sentex Jhead 1.7

  • Sentex Jhead 1.8

  • Sentex Jhead 1.9

  • Sentex Jhead 2.0

  • Sentex Jhead 2.1

  • Sentex Jhead 2.2

  • Sentex Jhead 2.3

  • Sentex Jhead 2.4

  • Sentex Jhead 2.4-1

  • Sentex Jhead 2.4-2

  • Sentex Jhead 2.5

  • Sentex Jhead 2.6

  • Sentex Jhead 2.7

  • Sentex Jhead 2.8

  • Sentex Jhead 2.82

  • Sentex Jhead 2.84


References

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020

MLIST - [oss-security] 20090206 Re: CVE request: jhead

MLIST - [oss-security] 20081016 Re: CVE request: jhead

MLIST - [oss-security] 20081015 Re: CVE request: jhead

MLIST - [oss-security] 20081015 CVE request: jhead


Last Updated: 27 May 2016 10:48:34