CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-0673

HIGH
7.5
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile8.94th
Published2008年2月12日
Last Modified2026年4月23日

Vulnerability Description

TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory.

Affected Platforms (CPE)

📦
Tintin

Tintin\+\+

= 1.97.9
📦
Tintin

Wintin\+\+

= 1.97.9

References & Advisories

🔗 http://aluigi.altervista.org/adv/rintintin-adv.txt
🔗 http://secunia.com/advisories/28833
🔗 http://security.gentoo.org/glsa/glsa-201111-07.xml
🔗 http://securityreason.com/securityalert/3632
🔗 http://www.securityfocus.com/archive/1/487687/100/0/threaded
🔗 http://www.securityfocus.com/bid/27660
🔗 http://www.vupen.com/english/advisories/2008/0449
🔗 http://aluigi.altervista.org/adv/rintintin-adv.txt

相关漏洞威胁

CVE-2008-067110.0

Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to exec...

CVE-2019-76299.8

Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to ex...

CVE-2008-06725.0

The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (appli...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...