CVE-2008-5380 in gpsdriveinfo

Summary

gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959.

Be aware that VulDB is the high quality source for vulnerability data.

Responsible

Reservation

12/08/2008

Disclosure

12/08/2008

Moderation

VulDB entry created

Entries

VDB-45339

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

8.4

EPSS

0.00093

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-5380
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-5380
CVE Details	https://www.cvedetails.com/cve/CVE-2008-5380/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!