CVE-2007-5718

vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:r1:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.2.4:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
cpe:2.3:a:vobcopy:vobcopy:0.5.14:*:*:*:*:*:*:*

History

21 Nov 2024, 00:38

Type Values Removed Values Added
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448319 - () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448319 -
References () http://osvdb.org/41997 - () http://osvdb.org/41997 -
References () http://secunia.com/advisories/27420 - Vendor Advisory () http://secunia.com/advisories/27420 - Vendor Advisory
References () http://secunia.com/advisories/29259 - () http://secunia.com/advisories/29259 -
References () http://security.gentoo.org/glsa/glsa-200803-11.xml - () http://security.gentoo.org/glsa/glsa-200803-11.xml -
References () http://www.securityfocus.com/bid/26233 - () http://www.securityfocus.com/bid/26233 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/38172 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/38172 -

Information

Published : 2007-10-30 21:46

Updated : 2024-11-21 00:38


NVD link : CVE-2007-5718

Mitre link : CVE-2007-5718

CVE.ORG link : CVE-2007-5718


JSON object : View

Products Affected

debian

  • debian_linux

vobcopy

  • vobcopy
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')