Description

spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.

Remediation

References

CVE-2008-5153

Related Vulnerabilities

Jenkins CVE-2021-21682 Vulnerability (CVE-2021-21682)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898)

WordPress Plugin LearnPress-WordPress LMS Local File Inclusion (4.2.6.8.2)

WordPress Plugin Postie Multiple Vulnerabilities (1.9.40)

WordPress Plugin Broken Link Manager Cross-Site Scripting (0.5.5)

Severity

Medium

Classification

CVE-2008-5153 CWE-59

Tags

Missing Update Known Vulnerabilities