Vulnerability Details : CVE-2007-4631
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
Vulnerability category: Execute code
Products affected by CVE-2007-4631
- cpe:2.3:a:qgit:qgit:1.5.6_2pre1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4631
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-4631
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2007-4631
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4631
-
http://secunia.com/advisories/26745
About Secunia Research | FlexeraVendor Advisory
-
http://sourceforge.net/project/shownotes.php?release_id=538002&group_id=139897
QGit viewer download | SourceForge.netPatch
-
http://secunia.com/advisories/27098
About Secunia Research | FlexeraVendor Advisory
-
http://bugs.gentoo.org/show_bug.cgi?id=190697
190697 – dev-util/qgit < 1.5.7: Insecure temp file creation and/or "qprocess" USE-flag feature request (CVE-2007-4631)Patch
-
http://fedoranews.org/updates/FEDORA-2007-210.shtml
404 Not Found
-
http://sourceforge.net/project/shownotes.php?release_id=538002
Page not found - SourceForge.netPatch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/36503
-
http://secunia.com/advisories/26738
About Secunia Research | FlexeraVendor Advisory
-
http://security.gentoo.org/glsa/glsa-200710-05.xml
QGit: Insecure temporary file creation (GLSA 200710-05) — Gentoo security
-
http://www.securityfocus.com/bid/25618
Patch
-
https://bugzilla.redhat.com/show_bug.cgi?id=268381
268381 – (CVE-2007-4631) CVE-2007-4631 QGit insecure temporary file usage
-
http://www.vupen.com/english/advisories/2007/3107
Site en constructionVendor Advisory
Jump to