Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Xsabre
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4407 1 Debian 1 Xsabre 2024-11-21 2.1 LOW N/A
XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten.
CVE-2008-4406 1 Debian 1 Xsabre 2024-11-21 7.2 HIGH N/A
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.