17 matches found
SLES9: Security update for id3lib
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: id3lib-examples id3lib id3lib-devel For more information, please visit the referenced security advisories. More details may also be found by searching for...
SLES9: Security update for id3lib
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: id3lib-examples id3lib id3lib-devel For more information, please visit the referenced security advisories. More details may also be found by searching for...
SuSE9 Security Update : id3lib (YOU Patch Number 11786)
This update fixes a bug that allows local attackers to overwrite arbitrary files. CVE-2007-4460 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41150;...
Mandriva Update for id3lib MDKSA-2007:180 (id3lib)
Check for the Version of id3lib OpenVAS Vulnerability Test Mandriva Update for id3lib MDKSA-2007:180 id3lib Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for id3lib FEDORA-2007-1774
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200709-08 (id3lib)
The remote host is missing updates announced in advisory GLSA 200709-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: id3lib
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 1365-2 (id3lib3.8.3)
The remote host is missing an update to id3lib3.8.3 announced via advisory DSA 1365-2. OpenVAS Vulnerability Test $Id: deb13652.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1365-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
SuSE 10 Security Update : id3lib (ZYPP Patch Number 4317)
This update fixes a bug that allows local attackers to overwrite arbitrary files. CVE-2007-4460 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29462;...
Fedora 7 : id3lib-3.8.3-17.fc7 (2007-1774)
This security update fixes a minor tempfile creation security issue CVE-2007-4460 by using mkstemp bugzilla 253553 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format i...
openSUSE 10 Security Update : id3lib (id3lib-4316)
This update fixes a bug that allows local attackers to overwrite arbitrary files. CVE-2007-4460 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update id3lib-4316. The text description of this plugin...
FreeBSD : id3lib -- insecure temporary file creation (15ec9123-7061-11dc-b372-001921ab2fa4)
Debian Bug report log reports : When tagging file $foo, a temporary copy of the file is created, and for some reason, libid3 doesn't use mkstemp but just creates $foo.XXXXXX literally, without any checking. This would silently truncate and overwrite an existing $foo.XXXXXX. %NASLMINLEVEL 70300 C...
[SECURITY] [DSA 1365-3] New id3lib3.8.3 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1365-3 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff, Dann Frazier October 2nd, 2007 http://www.debian.org/security/faq - -...
[SECURITY] [DSA 1365-2] New id3lib3.8.3 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1365-2 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 9th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1365-1] New id3lib3.8.3 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1365-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...
CVE-2007-4460
The RenderV2ToFile function in tagfile.cpp in id3lib aka libid3 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged...
CVE-2007-4460
CVE-2007-4460 affects id3lib (libid3) 3.8.3. The RenderV2ToFile function in tag_file.cpp allows a local attacker to overwrite arbitrary files via a symlink attack on a temporary file named from the target file. Impact is local confidentiality, integrity, and availability are at risk. Several advi...