MidnightBSD

Advisories for conky

CVE-2011-3616 MEDIUM

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
conky conky 1.4.3
conky conky 1.3.5
conky conky 1.4.8
conky conky 1.3.2
conky conky 1.4.7
conky conky 1.8.0
conky conky *
conky conky 1.7.1.1
conky conky 1.7.0
conky conky 1.3.1
conky conky 1.3.3
conky conky 1.7.2
conky conky 1.4.9
conky conky 1.4.0
conky conky 1.4.4
conky conky 1.4.1
conky conky 1.1
conky conky 1.2
conky conky 1.4.2
conky conky 1.5.0
conky conky 1.4.5
conky conky 1.6.0
conky conky 1.6.1
conky conky 1.4.6
conky conky 1.3.0
conky conky 1.7.1
conky conky 1.3.4
conky conky 1.5.1