Description

spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.

Remediation

References

CVE-2008-5153

Related Vulnerabilities

WordPress Plugin Essential Real Estate Cross-Site Scripting (1.7.0)

WordPress Plugin WP DSGVO Tools (GDPR) Security Bypass (3.1.23)

WordPress Plugin Slider by 10Web-Responsive Image Slider Unspecified Vulnerability (1.1.9)

Oracle Database Server CVE-2014-6452 Vulnerability (CVE-2014-6452)

Oracle JRE CVE-2013-0435 Vulnerability (CVE-2013-0435)

Severity

Medium

Classification

CVE-2008-5153 CWE-59

Tags

Missing Update Known Vulnerabilities