Computer Security
[EN] securityvulns.ru no-pyccku


QGit git repository graphical interface symbolic links
Published:08.10.2007
Source:
SecurityVulns ID:8224
Type:local
Threat Level:
5/10
Description:Insecure temporary files creation.
Affected:QGIT : QGit 1.5
CVE:CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbtirary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.)
Original documentdocumentGENTOO, [ GLSA 200710-05 ] QGit: Insecure temporary file creation (08.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod