CVE - CVE-2007-3103

CVE-ID
CVE-2007-3103	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
IDEFENSE:20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557 BUGTRAQ:20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/473869/100/0/threaded EXPLOIT-DB:5167 URL:https://www.exploit-db.com/exploits/5167 CONFIRM:http://bugzilla.redhat.com/242903 CONFIRM:https://issues.rpath.com/browse/RPL-1485 CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=185660 DEBIAN:DSA-1342 URL:http://www.debian.org/security/2007/dsa-1342 FEDORA:FEDORA-2009-3651 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html FEDORA:FEDORA-2009-3666 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html GENTOO:GLSA-200710-11 URL:http://security.gentoo.org/glsa/glsa-200710-11.xml REDHAT:RHSA-2007:0519 URL:http://www.redhat.com/support/errata/RHSA-2007-0519.html REDHAT:RHSA-2007:0520 URL:http://www.redhat.com/support/errata/RHSA-2007-0520.html BID:24888 URL:http://www.securityfocus.com/bid/24888 OSVDB:40945 URL:http://osvdb.org/40945 OVAL:oval:org.mitre.oval:def:10802 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802 SECTRACK:1018375 URL:http://www.securitytracker.com/id?1018375 SECUNIA:26081 URL:http://secunia.com/advisories/26081 SECUNIA:26282 URL:http://secunia.com/advisories/26282 SECUNIA:26056 URL:http://secunia.com/advisories/26056 SECUNIA:27240 URL:http://secunia.com/advisories/27240 SECUNIA:35674 URL:http://secunia.com/advisories/35674 XF:redhat-xfs-privilege-escalation(35375) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35375
Assigning CNA
N/A
Date Entry Created
20070607	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070607)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org