PT-2008-6755 · Gpsdrive · Gpsdrive

Hamish B

Published

2008-12-22

Updated

2009-08-19

CVE-2008-5703

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2008-5703

Affected Products

Gpsdrive

PT-2008-6755 · Gpsdrive · Gpsdrive

CVE-2008-5703

Weakness Enumeration

Related Identifiers

Affected Products

References · 8