Description

spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.

Remediation

References

CVE-2008-5153

Related Vulnerabilities

WordPress Plugin Simple Yearly Archive Cross-Site Scripting (2.1.8)

SharePoint CVE-2021-26418 Vulnerability (CVE-2021-26418)

Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)

WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.25)

Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)

Severity

Medium

Classification

CVE-2008-5153 CWE-59

Tags

Missing Update Known Vulnerabilities