Lucene search

[email protected]CVE-2008-0665

HistoryFeb 11, 2008 - 9:00 p.m.

CVE-2008-0665

2008-02-1121:00:00

CWE-59

[email protected]

web.nvd.nist.gov

cve-2008-0665

wml

website meta language

local users

file overwrite

symlink attack

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.

Affected configurations

NVD

Node

website_meta_languagewebsite_meta_languageMatch2.0.11

CPENameOperatorVersion
website_meta_language:website_meta_languagewebsite meta languageeq2.0.11

CPE	Name	Operator	Version
website_meta_language:website_meta_language	website meta language	eq	2.0.11

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907

secunia.com/advisories/28829

secunia.com/advisories/28856

secunia.com/advisories/29353

security.gentoo.org/glsa/glsa-200803-23.xml

www.debian.org/security/2008/dsa-1492

www.mandriva.com/security/advisories?name=MDVSA-2008:076

www.securityfocus.com/bid/27685

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-0665

prion1 debiancve1 cvelist1 nvd1 ubuntucve1 gentoo1 securityvulns4 openvas6 osv1 nessus3 debian2