CVE-2008-3699
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-3699
Status
Candidate
Description
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
Phase
Assigned (14.08.2008)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3699
References
CONFIRM :
http://amarok.kde.org/en/releases/1/4/10
CONFIRM :
http://websvn.kde.org/?view=rev&revision=846626
MANDRIVA :
MDVSA-2008:172
MISC :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=4...
SECUNIA :
31418
SecurityVulns:
Amarok symbolic links vulnerability
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
