2 matches found
Debian DSA-1365-3 : id3lib3.8.3 - programming error
Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
CVE-2007-4460
The RenderV2ToFile function in tagfile.cpp in id3lib aka libid3 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged...