Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2007-4462

Published: 21/08/2007 Updated: 05/09/2008
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 294
Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Subscribe to Po4a

Vulnerability Summary

lib/Locale/Po4a/Po.pm in po4a prior to 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.

Vulnerable Product Search on Vulmon Subscribe to Product

po4a po4a

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-4462: arbitrary files overwriting
Debian Bug report logs - #439226 CVE-2007-4462: arbitrary files overwriting Package: po4a; Maintainer for po4a is Martin Quinson <mquinson@debianorg>; Source for po4a is src:po4a (PTS, buildd, popcon) Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Thu, 23 Aug 2007 12:30:01 UTC Severity: serious Tags: securit ...

References

NVD-CWE-Otherhttp://bugs.gentoo.org/show_bug.cgi?id=189440https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253541http://alioth.debian.org/frs/shownotes.php?release_id=1019http://security.gentoo.org/glsa/glsa-200709-04.xmlhttp://www.securityfocus.com/bid/25402http://secunia.com/advisories/26492http://secunia.com/advisories/26810https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439226https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook