CVE-2008-4960

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2008-4960
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-4960.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2008-4960
Published
2008-11-05T15:00:15Z
Modified
2024-11-21T00:52:56Z
Summary
[none]
Details

impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/-tmp.ps and (2) /tmp/bboxx- temporary files.

References

Affected packages

Debian:11 / impose+

Package

Name
impose+
Purl
pkg:deb/debian/impose%2B?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2-11.1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:12 / impose+

Package

Name
impose+
Purl
pkg:deb/debian/impose%2B?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2-11.1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:13 / impose+

Package

Name
impose+
Purl
pkg:deb/debian/impose%2B?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2-11.1

Ecosystem specific 

{
    "urgency": "low"
}