CVE - CVE-2007-3103

CVE-ID
CVE-2007-3103	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018375 URL:http://www.securitytracker.com/id?1018375 MISC:20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557 MISC:20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/473869/100/0/threaded MISC:24888 URL:http://www.securityfocus.com/bid/24888 MISC:26056 URL:http://secunia.com/advisories/26056 MISC:26081 URL:http://secunia.com/advisories/26081 MISC:26282 URL:http://secunia.com/advisories/26282 MISC:27240 URL:http://secunia.com/advisories/27240 MISC:35674 URL:http://secunia.com/advisories/35674 MISC:40945 URL:~~http://osvdb.org/40945~~ (Obsolete source) MISC:5167 URL:https://www.exploit-db.com/exploits/5167 MISC:DSA-1342 URL:http://www.debian.org/security/2007/dsa-1342 MISC:FEDORA-2009-3651 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html MISC:FEDORA-2009-3666 URL:https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html MISC:GLSA-200710-11 URL:http://security.gentoo.org/glsa/glsa-200710-11.xml MISC:RHSA-2007:0519 URL:http://www.redhat.com/support/errata/RHSA-2007-0519.html MISC:RHSA-2007:0520 URL:http://www.redhat.com/support/errata/RHSA-2007-0520.html MISC:http://bugs.gentoo.org/show_bug.cgi?id=185660 URL:http://bugs.gentoo.org/show_bug.cgi?id=185660 MISC:http://bugzilla.redhat.com/242903 URL:http://bugzilla.redhat.com/242903 MISC:https://issues.rpath.com/browse/RPL-1485 URL:https://issues.rpath.com/browse/RPL-1485 MISC:oval:org.mitre.oval:def:10802 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802 MISC:redhat-xfs-privilege-escalation(35375) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/35375
Assigning CNA
Red Hat, Inc.
Date Record Created
20070607	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070607)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.