CVE-2005-1880

5.5 MEDIUM

Published: June 06, 2005 Modified: April 16, 2026

Description

everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.gentoo.org/show_bug.cgi?id=94473

Source: cve@mitre.org

Exploit Issue Tracking

http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034422.html

Source: cve@mitre.org

Not Applicable Vendor Advisory

http://securitytracker.com/id?1014110

Source: cve@mitre.org

Broken Link Third Party Advisory VDB Entry Vendor Advisory

http://www.securityfocus.com/bid/13865

Source: cve@mitre.org

Broken Link Third Party Advisory VDB Entry Vendor Advisory

http://www.zataz.net/adviso/everybuddy-06062005.txt

Source: cve@mitre.org

Broken Link Vendor Advisory

http://bugs.gentoo.org/show_bug.cgi?id=94473