Computer Security
[EN] securityvulns.ru no-pyccku


NVClock symbolic links vulnerability
Published:25.07.2007
Source:
SecurityVulns ID:7979
Type:local
Threat Level:
5/10
Description:Insecure creation of temporary files.
Affected:NVCLOCK : nvclock 0.7
CVE:CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.)
Original documentdocumentGENTOO, [Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage (25.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod