Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6209

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2007-6209
Last Modified 15 Nov 2008 02:03:48
Published 03 Dec 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-6209

Summary

Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Systems

Application

  • Zsh 4.3.4


References

MISC - https://bugs.gentoo.org/show_bug.cgi?id=201022

XF - zsh-difflog-symlink(38812)

MLIST - [zsh-workers] 20071203 Re: difflog.pl and "security"

MLIST - [zsh-workers] 20071202 difflog.pl and "security"

BID - 26674

SECUNIA - 27899

OSVDB - 42481


Last Updated: 27 May 2016 10:46:24