MidnightBSD

Advisories for log4sh

CVE-2005-1915 LOW

The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
log4sh log4sh 1.2.4
log4sh log4sh 1.2.5
log4sh log4sh 1.2.3