logo

Database

Lack of data validation - Path Traversal In emacs-jabber

Description

emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2008-49522. NVD-2008-49523. OSV-DEBIAN-2008-49524. OSV-2008-49525. SECURITY-TRACKER-CVE-2008-4952

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.