2 matches found
CVE-2007-0007
gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the 1 gnucash.trace, 2 qof.trace, and 3 qof.trace.PID temporary files...
CVE-2007-0007
CVE-2007-0007 affects GnuCash 2.0.4 and earlier, enabling local users to overwrite arbitrary files via a symlink attack on temporary files (gnucash.trace, qof.trace, and qof.trace.[PID]). The issue stems from insecure handling of the tmp filesystem/trace files. Public advisories across distros co...