RSS   Vulnerabilities for 'Log4sh'   RSS

2005-07-05
 
CVE-2005-2133

 

 
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1915. Reason: This candidate is a duplicate of CVE-2005-1915. Notes: All CVE users should reference CVE-2005-1915 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

 
2005-09-02
 
CVE-2005-1915

 

 
The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames.

 


Copyright 2019, cxsecurity.com

 

Back to Top