Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2007-3921

Published: 08/11/2007 Updated: 29/07/2017
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 294
Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Summary

gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.

Vulnerable Product Search on Vulmon Subscribe to Product

gforge gforge 3.1

gforge gforge 4.5.14

Vendor Advisories

Debian Security Advisories: DSA-1402-1 gforge -- insecure temporary files
Steve Kemp from the Debian Security Audit project discovered that gforge, a collaborative development tool, used temporary files insecurely which could allow local users to truncate files upon the system with the privileges of the gforge user, or create a denial of service attack For the old stable distribution (sarge), this problem has been fixed ...

References

CWE-59http://www.debian.org/security/2007/dsa-1402http://www.securityfocus.com/bid/26373http://secunia.com/advisories/27549http://secunia.com/advisories/27586http://osvdb.org/42117http://www.vupen.com/english/advisories/2007/3773https://exchange.xforce.ibmcloud.com/vulnerabilities/38329https://nvd.nist.govhttps://www.debian.org/security/./dsa-1402
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310CVE-2024-21683CVE-2024-22187chromedeserializationXPath injectionCVE-2024-27842denial of serviceCVE-2024-24851googleCVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook