{
  "modified": "2025-08-09T19:01:26Z",
  "published": "2009-03-04T17:30:02Z",
  "id": "CVE-2008-6398",
  "details": "sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files.",
  "references": [
    {
      "type": "EVIDENCE",
      "url": "http://lists.debian.org/debian-devel/2008/08/msg00283.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496407"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30965"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44881"
    }
  ]
}