CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sympa: >> Sympa >> 5.3.4 Security Vulnerabilities

CVE-2008-4476

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.

CVSS Score

6.9

EPSS Score

0.0

Published

2008-10-07

Page 1

Vulnerabilities

Vulnerable Software

Sympa: >> Sympa >> 5.3.4 Security Vulnerabilities

Products

Pricing

Contact Us