Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0793 | Link Following vulnerability in Blackberry QNX Neutrino Real-Time Operating System 4.25 Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. | 5.5 |
| 2002-08-12 | CVE-2002-0788 | Incomplete Cleanup vulnerability in PGP Corporate Desktop, Freeware and Personal Security An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | 5.5 |
| 2001-12-31 | CVE-2001-1559 | NULL Pointer Dereference vulnerability in Openbsd 2.9/3.0 The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. | 5.5 |
| 2001-12-31 | CVE-2001-1494 | Link Following vulnerability in multiple products script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | 5.5 |
| 2001-08-31 | CVE-2000-1198 | Improper Locking vulnerability in Qualcomm Qpopper 2.53/3.0 qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. | 5.5 |
| 2001-08-29 | CVE-2001-0682 | Improper Locking vulnerability in multiple products ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. | 5.5 |
| 2001-04-17 | CVE-2001-1391 | Off-by-one Error vulnerability in Linux Kernel Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | 5.5 |
| 2001-01-09 | CVE-2000-1178 | Link Following vulnerability in Joseph Allen JOE 2.8 Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | 5.5 |
| 2000-12-19 | CVE-2000-0972 | Link Following vulnerability in HP Hp-Ux 11.00 HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | 5.5 |
| 2000-06-06 | CVE-2000-0552 | Incomplete Cleanup vulnerability in ICQ 2000A ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. | 5.5 |