CVE-2008-5370

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2008-5370
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-5370.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2008-5370
Published
2008-12-08T23:30:00Z
Modified
2025-01-08T03:21:11.147297Z
Summary
[none]
Details

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file.

References

Affected packages

Debian:11 / pvpgn

Package

Name
pvpgn
Purl
pkg:deb/debian/pvpgn?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.1-2

Affected versions

1.*

1.6.4+20040826-1
1.6.4+20040826-2
1.7.7-1
1.7.8-1
1.7.8-2
1.7.9-1
1.7.9-2
1.7.9-2+b1
1.7.9-3
1.8.1-1
1.8.1-1.1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:12 / pvpgn

Package

Name
pvpgn
Purl
pkg:deb/debian/pvpgn?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.1-2

Affected versions

1.*

1.6.4+20040826-1
1.6.4+20040826-2
1.7.7-1
1.7.8-1
1.7.8-2
1.7.9-1
1.7.9-2
1.7.9-2+b1
1.7.9-3
1.8.1-1
1.8.1-1.1

Ecosystem specific 

{
    "urgency": "low"
}