CVE-2005-4534

N/A Unknown

Published: December 28, 2005 Modified: April 16, 2026

Description

The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329387

Source: cve@mitre.org

Patch

http://secunia.com/advisories/18218

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/22826

Source: cve@mitre.org

http://securityreason.com/securityalert/302

Source: cve@mitre.org

http://securitytracker.com/id?1015411

Source: cve@mitre.org

Patch

http://www.debian.org/security/2006/dsa-1208

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/420353/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16061

Source: cve@mitre.org

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=305353

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/23863

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329387