Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2008-4998

postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid.

  • Published: Nov 7, 2008
  • Updated: Nov 8, 2023
  • CVE: CVE-2008-4998
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
twiki / twiki 4.1.2 4.1.2.x