Lucene search

[email protected]CVE-2007-6131

HistoryNov 26, 2007 - 10:46 p.m.

CVE-2007-6131

2007-11-2622:46:00

CWE-16

[email protected]

web.nvd.nist.gov

cve-2007-6131

buttonpressed.sh

scanbuttond

symlink attack

file overwrite

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.

CPENameOperatorVersion
redhat:fedora_coreredhat fedora coreeqf7

CPE	Name	Operator	Version
redhat:fedora_core	redhat fedora core	eq	f7

References

osvdb.org/42422

secunia.com/advisories/27847

securitytracker.com/id?1019007

www.securityfocus.com/bid/26617

www.vupen.com/english/advisories/2007/4024

bugzilla.redhat.com/show_bug.cgi?id=383131

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2007-6131

prion1 ubuntucve1