Computer Security
[EN] securityvulns.ru no-pyccku


gnucash symbolic links vulnerability
Published:21.02.2007
Source:
SecurityVulns ID:7273
Type:local
Threat Level:
5/10
Description:Symbolic links problem on temporary files creation.
Affected:GNU : gnucash 2.0
CVE:CVE-2007-0007 (gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:046 ] - Updated gnucash packages fix temp file issues. (21.02.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod