Lucene search
MitreCVE-2007-0100HistoryJan 08, 2007 - 8:28 p.m.
CVE-2007-0100
2007-01-0820:28:00
mitre
web.nvd.nist.gov
34
perforce
client
remote attackers
file overwrite
security vulnerability
cve-2007-0100
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
High
EPSS
0.005
Percentile
77.3%
The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server.
Affected configurations
Node
perforceperforce_client
| Vendor | Product | Version | CPE |
|---|---|---|---|
| perforce | perforce_client | * | cpe:2.3:a:perforce:perforce_client:*:*:*:*:*:*:*:* |
Related
securityvulns
securityvulns
Perforce client insecure design
2007-01-05 00:00:00
cvelist
cvelist
CVE-2007-0100
2007-01-08 20:00:00
nvd
nvd
CVE-2007-0100
2007-01-08 20:28:00
prion
prion
Design/Logic Flaw
2007-01-08 20:28:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
High
EPSS
0.005
Percentile
77.3%
Related for CVE-2007-0100