VDB
DEBIAN-CVE-2008-4640
DEBIAN-CVE-2008-4640
PUBLISHED
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | jhead | 0, 0, 0 |
| Debian:14 | jhead | 0, 0, 0 |
| Debian:13 | jhead | 0, 0, 0 |
| Debian:11 | jhead | 0, 0, 0 |
Timeline
- Oct 21, 2008 CVE Published
- Apr 28, 2026 CVE Updated