Computer Security

QGit git repository graphical interface symbolic links
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



QGit git repository graphical interface symbolic links
Published:08.10.2007
Source:BUGTRAQ
SecurityVulns ID:8224
Type:local
Level:5/10
Description:Insecure temporary files creation.
Affected:QGIT : QGit 1.5
CVE:CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbtirary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.)
Original documentdocumentGENTOO, [ GLSA 200710-05 ] QGit: Insecure temporary file creation (08.10.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru