CVE-2008-4976 Information

Feb 14, 2021 cve

Description

ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio. (b) /tmp/ogle_cli. (c) /tmp/ogle_ctrl. (d) /tmp/ogle_gui. (e) /tmp/ogle_mpeg_ps. (f) /tmp/ogle_mpeg_vs. (g) /tmp/ogle_nav. and (h) /tmp/ogle_vout. temporary files related to the (1) ogle_audio_debug (2) ogle_cli_debug (3) ogle_ctrl_debug (4) ogle_gui_debug (5) ogle_mpeg_ps_debug (6) ogle_mpeg_vs_debug (7) ogle_nav_debug and (8) ogle_vout_debug scripts.

Reference

http://bugs.debian.org/496420 http://bugs.debian.org/496425 http://dev.gentoo.org/~rbu/security/debiantemp/ogle http://dev.gentoo.org/~rbu/security/debiantemp/ogle-mmx http://uvw.ru/report.lenny.txt http://www.openwall.com/lists/oss-security/2008/10/30/2 http://www.securityfocus.com/bid/30926 https://bugs.gentoo.org/show_bug.cgi?id=235770 https://exchange.xforce.ibmcloud.com/vulnerabilities/44832

Share on: