Your submission was sent successfully! Close

CVE-2008-4986

Published: 6 November 2008

wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts.

Priority

Low

Status

Package Release Status
wims
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
gutsy Needed
(reached end-of-life)
hardy Ignored
(reached end-of-life)
intrepid Not vulnerable
(3.62-13.1)
jaunty Not vulnerable
(3.62-13.1)
karmic Not vulnerable
(3.62-13.1)
lucid Not vulnerable
(3.62-13.1)
maverick Not vulnerable
(3.62-13.1)
natty Not vulnerable
(3.62-13.1)
oneiric Not vulnerable
(3.62-13.1)
precise Not vulnerable
(3.62-13.1)
upstream
Released (3.62-13.1)