Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4462

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2007-4462
Last Modified 05 Sep 2008 05:28:17
Published 21 Aug 2007 05:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4462

Summary

lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.

Vulnerable Systems

Application

  • Po4a 0.31


References

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253541

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=189440

BID - 25402

GENTOO - GLSA-200709-04

SECUNIA - 26810

SECUNIA - 26492

CONFIRM - http://alioth.debian.org/frs/shownotes.php?release_id=1019


Last Updated: 27 May 2016 10:45:52