Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6397

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2008-6397
Last Modified 05 Mar 2009 12:00:00
Published 04 Mar 2009 12:30:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6397

Summary

rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Systems

Application

  • Alcovebook Sgml2x 1.0.0


References

XF - sgml2x-rlatex-symlink(44879)

BID - 30963

MLIST - [debian-devel] 20080812 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496368


Last Updated: 27 May 2016 10:49:10