CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0673

HIGH
7.5
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile8.94th
PublishedFeb 12, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory.

Affected Platforms (CPE)

πŸ“¦
Tintin

Tintin\+\+

= 1.97.9
πŸ“¦
Tintin

Wintin\+\+

= 1.97.9

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/rintintin-adv.txt
πŸ”— http://secunia.com/advisories/28833
πŸ”— http://security.gentoo.org/glsa/glsa-201111-07.xml
πŸ”— http://securityreason.com/securityalert/3632
πŸ”— http://www.securityfocus.com/archive/1/487687/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27660
πŸ”— http://www.vupen.com/english/advisories/2008/0449
πŸ”— http://aluigi.altervista.org/adv/rintintin-adv.txt

Related Vulnerabilities

CVE-2008-067110.0

Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to exec...

CVE-2019-76299.8

Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to ex...

CVE-2008-06725.0

The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (appli...

CVE-2008-034410.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote a...