Lucene search

[email protected]CVE-2007-3916

HistorySep 24, 2007 - 12:17 a.m.

CVE-2007-3916

2007-09-2400:17:00

CWE-59

[email protected]

web.nvd.nist.gov

cve-2007-3916

skk tools

symlink attack

file overwrite

file deletion

local user

vulnerability

nvd

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file.

Affected configurations

NVD

Node

skk_openlabskk_toolsMatch1.2

CPENameOperatorVersion
skk_openlab:skk_toolsskk openlab skk toolseq1.2

CPE	Name	Operator	Version
skk_openlab:skk_tools	skk openlab skk tools	eq	1.2

References

bugs.gentoo.org/show_bug.cgi?id=193121

osvdb.org/40557

secunia.com/advisories/26866

secunia.com/advisories/27247

security-tracker.debian.net/tracker/CVE-2007-3916

security.gentoo.org/glsa/glsa-200710-10.xml

www.securityfocus.com/bid/25739

exchange.xforce.ibmcloud.com/vulnerabilities/36699

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-3916

nessus1 prion1 openvas2 cvelist1 gentoo1 nvd1 ubuntucve1 debiancve1