← back
CVE-2008-4640

CVE-2008-4640

EPSS 0.3%
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020http://www.openwall.com/lists/oss-security/2008/10/16/3http://www.openwall.com/lists/oss-security/2008/11/26/4http://www.securityfocus.com/bid/32506