CVE-2008-3699

Publication date 14 August 2008

Last updated 24 July 2024

The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
amarok	8.04 LTS hardy	Fixed 2:1.4.9.1-0ubuntu3.1
	7.10 gutsy	Fixed 2:1.4.7-0ubuntu3.1
	7.04 feisty	Ignored
	6.06 LTS dapper	Not affected

Notes

jdstrand

Ubuntu 6.06 LTS (Dapper) does not contain the vulnerable code amarok tries to remove the file before opening it, so there is a TOCTOU vulnerability and a symlink could be inserted before open. This makes the attack much harder, but still possible.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
amarok	Other: http://websvn.kde.org/?view=rev&revision=846626 Vendor: http://security.gentoo.org/glsa/glsa-200809-08.xml Vendor: http://www.mandriva.com/security/advisories?name=MDVSA-2008:172

CVE-2008-3699

Status

Notes

jdstrand

Patch details

References

Related Ubuntu Security Notices (USN)

Other references