[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5718Date: (C)2007-10-30   (M)2023-12-22


vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: COMPLETE
Availability: NONE
  
Reference:
BID-26233
SECUNIA-27420
SECUNIA-29259
OSVDB-41997
GLSA-200803-11
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448319
vobcopy-vobcopybla-symlink(38172)

CPE    3
cpe:/o:debian:debian_linux:3.1
cpe:/o:debian:debian_linux:4.0
cpe:/o:debian:debian_linux:3.2.4
CWE    1
CWE-59

© SecPod Technologies