{"id":"CVE-2008-4640","details":"The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final \"z\" character is replaced by a \"t\" character or (2) a final \"t\" character is replaced by a \"z\" character.","modified":"2026-04-10T03:40:18.992382Z","published":"2008-10-21T18:00:01Z","references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2008/10/16/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2008/11/26/4"},{"type":"WEB","url":"http://www.securityfocus.com/bid/32506"},{"type":"WEB","url":"https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020"}],"schema_version":"1.7.5"}