Lucene search
MitreCVELIST:CVE-2007-4460HistoryAug 21, 2007 - 9:00 p.m.
CVE-2007-4460
2007-08-2121:00:00
mitre
www.cve.org
2
The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=438540
secunia.com/advisories/26536
secunia.com/advisories/26646
secunia.com/advisories/26793
secunia.com/advisories/26818
secunia.com/advisories/26987
security.gentoo.org/glsa/glsa-200709-08.xml
www.debian.org/security/2007/dsa-1365
www.mandriva.com/security/advisories?name=MDKSA-2007:180
www.novell.com/linux/security/advisories/2007_19_sr.html
www.securityfocus.com/bid/25372
www.securitytracker.com/id?1018667
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553
Related
gentoo
gentoo
id3lib: Insecure temporary file creation
2007-09-15 00:00:00
debiancve
debiancve
CVE-2007-4460
2007-08-21 21:17:00
nessus
nessus
FreeBSD : id3lib -- insecure temporary file creation (15ec9123-7061-11dc-b372-001921ab2fa4)
2007-10-03 00:00:00
Fedora 7 : id3lib-3.8.3-17.fc7 (2007-1774)
2007-11-06 00:00:00
GLSA-200709-08 : id3lib: Insecure temporary file creation
2007-09-24 00:00:00
securityvulns
securityvulns
id3lib symbolic links security vulnerability
2007-09-11 00:00:00
[SECURITY] [DSA 1365-1] New id3lib3.8.3 packages fix denial of service
2007-09-11 00:00:00
nvd
nvd
CVE-2007-4460
2007-08-21 21:17:00
debian
debian
[SECURITY] [DSA 1365-3] New id3lib3.8.3 packages fix denial of service
2007-10-02 08:47:49
[SECURITY] [DSA 1365-2] New id3lib3.8.3 packages fix denial of service
2007-09-09 21:28:34
[SECURITY] [DSA 1365-1] New id3lib3.8.3 packages fix denial of service
2007-09-01 11:48:26
openvas
openvas
Gentoo Security Advisory GLSA 200709-08 (id3lib)
2008-09-24 00:00:00
Debian Security Advisory DSA 1365-2 (id3lib3.8.3)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200709-08 (id3lib)
2008-09-24 00:00:00
cve
cve
CVE-2007-4460
2007-08-21 21:17:00
freebsd
freebsd
id3lib -- insecure temporary file creation
2007-08-20 00:00:00
prion
prion
Design/Logic Flaw
2007-08-21 21:17:00
ubuntucve
ubuntucve
CVE-2007-4460
2007-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: id3lib-3.8.3-17.fc7
2007-08-24 05:40:57
osv
osv
id3lib-3.8.3-266.5 on GA media
2024-06-15 00:00:00