{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2008-10-21T18:00:01Z",
  "id": "CVE-2008-4640",
  "details": "The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character.",
  "references": [
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/10/16/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/11/26/4"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/32506"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"
    }
  ]
}