Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-3699HistoryAug 14, 2008 - 11:41 p.m.
CVE-2008-3699
2008-08-1423:41:00
Debian Security Bug Tracker
security-tracker.debian.org
8
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
10.1%
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | amarok | < 1.4.10-1 | amarok_1.4.10-1_all.deb |
| Debian | 13 | all | amarok | < 1.4.10-1 | amarok_1.4.10-1_all.deb |
Related
nessus
nessus
Fedora 8 : amarok-1.4.10-1.fc8 (2008-7719)
2008-09-10 00:00:00
Ubuntu 7.10 / 8.04 LTS : amarok vulnerability (USN-657-1)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : amarok (MDVSA-2008:172)
2009-04-23 00:00:00
gentoo
gentoo
Amarok: Insecure temporary file creation
2008-09-08 00:00:00
slackware
slackware
[slackware-security] amarok
2008-08-29 05:26:50
prion
prion
Design/Logic Flaw
2008-08-14 23:41:00
Design/Logic Flaw
2008-10-03 22:22:00
openvas
openvas
Fedora Update for amarok FEDORA-2008-7719
2009-02-17 00:00:00
Slackware Advisory SSA:2008-241-01 amarok
2012-09-11 00:00:00
Mandriva Update for amarok MDVSA-2008:172 (amarok)
2009-04-09 00:00:00
nvd
nvd
CVE-2008-3699
2008-08-14 23:41:00
CVE-2008-4430
2008-10-03 22:22:45
ubuntucve
ubuntucve
CVE-2008-3699
2008-08-14 00:00:00
cve
cve
CVE-2008-3699
2008-08-14 23:41:00
CVE-2008-4430
2008-10-03 22:22:45
securityvulns
securityvulns
[ MDVSA-2008:172 ] amarok
2008-08-18 00:00:00
Amarok symbolic links vulnerability
2008-08-18 00:00:00
ubuntu
ubuntu
Amarok vulnerability
2008-10-21 00:00:00
cvelist
cvelist
CVE-2008-3699
2008-08-14 23:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: amarok-1.4.10-1.fc9
2008-09-10 06:33:33
[SECURITY] Fedora 8 Update: amarok-1.4.10-1.fc8
2008-09-10 06:36:53
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
10.1%
Related for DEBIANCVE:CVE-2008-3699