MidnightBSD

Advisories for tin

CVE-1999-1091 MEDIUM

UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tin tin 1.2
rtin rtin *
CVE-2006-0804 HIGH

Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknown vectors that trigger a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tin tin 1.2_pl2
tin tin 1.0_pl0
tin tin 1.4.3
tin tin 1.1_pl4
tin tin 1.0_pl5
tin tin 1.2_pl0
tin tin 1.1_pl6
tin tin 1.0_pl2
tin tin 1.1_pl8
tin tin 1.0_pl3
tin tin 1.2_pl1
tin tin 1.1_pl9
tin tin 1.0_pl1
tin tin 1.6.2
tin tin 1.0_pl4
tin tin 1.1_pl1
tin tin 1.4.0
tin tin 1.4.6
tin tin 1.1_pl5
tin tin 1.8.0
tin tin 1.1_pl0
tin tin 1.4.7
tin tin 1.6.0
tin tin 1.4.1
tin tin 1.1_pl2
tin tin 1.6.1
tin tin 1.4.2
tin tin 1.4.4
tin tin 1.1_pl3
tin tin 1.1_pl7
tin tin 1.4.5