CVE-2008-2958 in checkinstallinfo

Summary

Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

07/01/2008

Disclosure

07/01/2008

Moderation

VulDB entry created

Entries

1: VDB-43006

CPE

ready

CWE

CWE-362 (Confirmed)

CVSS

5.9

EPSS

0.00051

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-2958
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-2958
CVE Details	https://www.cvedetails.com/cve/CVE-2008-2958/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!