Description

gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.

Remediation

References

CVE-2008-3929

Related Vulnerabilities

Ruby CVE-2018-16395 Vulnerability (CVE-2018-16395)

WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Unspecified Vulnerability (4.0.2)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.36)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7864)

WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Security Bypass (1.5.13)

Severity

High

Classification

CVE-2008-3929 CWE-59

Tags

Missing Update Known Vulnerabilities