CVE-2008-3216

NameCVE-2008-3216
DescriptionThe save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs489988

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
projectl (PTS)buster1.001.dfsg1-9fixed
bullseye1.001.dfsg2-0.1fixed
sid, trixie, bookworm1.001.dfsg2-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
projectlsource(unstable)1.001.dfsg1-2low489988

Notes

[etch] - projectl <no-dsa> (Minor issue)

Search for package or bug name: Reporting problems