NVD

Id
57442  
Name
CVE-2007-5377  
Description
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-10-11  
Modified Date
2011-03-07  
Seq
2007-5377  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
293740 57442 CVE-2007-5377 http://bugs.gentoo.org/show_bug.cgi?id=194713  View
293741 57442 CVE-2007-5377 [emacs-devel] 20071003 temp file hole?  View
293742 57442 CVE-2007-5377 [emacs-devel] 20071004 Re: temp file hole?  View
293743 57442 CVE-2007-5377 GLSA-200710-22  View
293744 57442 CVE-2007-5377 26072  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54068 JVNDB-2007-002760 Emacs の Tramp 拡張における任意のファイルを上書きされる脆弱性 Emacs の Tramp 拡張の (1) tramp-make-temp-file 関数 (2) tramp-make-tramp-temp-file 関数には、任意のファイルを上書きされる脆弱性が存在します。 CVE-2007-5377 28732 CVE-2007-5377 57442 6.9 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002760.html 2007-10-04 2012-06-26 View