Lucene search

[email protected]CVE-2008-4937

HistoryNov 05, 2008 - 3:00 p.m.

CVE-2008-4937

2008-11-0515:00:14

CWE-59

[email protected]

web.nvd.nist.gov

cve-2008-4937

senddoc

openoffice.org

ooo

symlink attack

nvd

2.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.

Affected configurations

NVD

Node

openofficeopenoffice.orgMatch2.4.1

CPENameOperatorVersion
openoffice:openoffice.orgopenoffice openoffice.orgeq2.4.1

CPE	Name	Operator	Version
openoffice:openoffice.org	openoffice openoffice.org	eq	2.4.1

References

bugs.debian.org/496361

dev.gentoo.org/~rbu/security/debiantemp/openoffice.org-common

secunia.com/advisories/32856

secunia.com/advisories/33140

security.gentoo.org/glsa/glsa-200812-13.xml

uvw.ru/report.lenny.txt

www.mandriva.com/security/advisories?name=MDVSA-2009:070

www.openwall.com/lists/oss-security/2008/10/30/2

www.securityfocus.com/bid/30925

www.ubuntu.com/usn/usn-677-1

www.ubuntu.com/usn/usn-677-2

bugs.gentoo.org/235824

bugs.gentoo.org/show_bug.cgi?id=235770

exchange.xforce.ibmcloud.com/vulnerabilities/44829

2.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for CVE-2008-4937

cvelist1 openvas16 ubuntucve1 prion1 nessus4 nvd1 gentoo1 ubuntu2