Description
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Paid Downloads 'download_key' Parameter SQL Injection (2.01)
Ruby Cryptographic Issues Vulnerability (CVE-2011-2686)
LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)
PostgreSQL Other Vulnerability (CVE-2002-1398)
WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)