Lucene search

MitreCVE-2008-1832

HistoryApr 16, 2008 - 3:05 p.m.

CVE-2008-1832

2008-04-1615:05:00

CWE-59

mitre

web.nvd.nist.gov

cecilia 2.0.5

lib/prefs.tcl

arbitrary file overwrite

symlink attack

nvd

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

Percentile

5.1%

JSON

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.

Affected configurations

Nvd

Node

ceciliaceciliaMatch2.0.5

VendorProductVersionCPE
ceciliacecilia2.0.5cpe:2.3:a:cecilia:cecilia:2.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cecilia	cecilia	2.0.5	cpe:2.3:a:cecilia:cecilia:2.0.5:::::::*

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321

secunia.com/advisories/29832

www.securityfocus.com/bid/28805

exchange.xforce.ibmcloud.com/vulnerabilities/41837

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-1832