← voltar
CVE-2008-3699

CVE-2008-3699

EPSS 0.4%
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://amarok.kde.org/en/releases/1/4/10http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494765http://secunia.com/advisories/31418http://secunia.com/advisories/31663http://secunia.com/advisories/31839http://secunia.com/advisories/32357http://security.gentoo.org/glsa/glsa-200809-08.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/44399http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.455790https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00057.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00097.htmlhttp://websvn.kde.org/?view=rev&revision=846626