0.8.8

DATE	CVE	VULNERABILITY TITLE	RISK
2011-01-14	CVE-2010-4337	Link Following vulnerability in GNU Gnash 0.8.8 The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. local gnu CWE-59	3.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.