CVE-2008-5153 (retired)

Priority
Description
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite
arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log,
(2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Notes
 jdstrand> per Debian, must manually edit the file to execute affected code
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:45:57 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)