CVE-2008-4640
N/A
N/A
Summary
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/32506
- https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
- http://www.openwall.com/lists/oss-security/2008/11/26/4
- http://www.openwall.com/lists/oss-security/2008/10/16/3
References
- http://www.securityfocus.com/bid/32506
- https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020
- http://www.openwall.com/lists/oss-security/2008/11/26/4
- http://www.openwall.com/lists/oss-security/2008/10/16/3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.