CVE-2008-3699 in Amarokinfo

Summary

The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

08/14/2008

Disclosure

08/14/2008

Moderation

VulDB entry created

Entries

VDB-43707 (1)

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

5.1

EPSS

0.00034

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3699
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3699
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3699/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!