CVE-2007-2030

8 documents6 sources

Severity

4.9MEDIUM

EPSS

0.1%

top 76.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Linux Redhat Fedora Core

Timeline

PublishedApr 16

Latest updateMay 1

Description

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDredhat/fedora_corecore_5.0

Also affects: Enterprise Linux 2.1, 3.0, 4.0

🔴Vulnerability Details

GHSA

GHSA-cm49-6pc4-f8jg: lharc↗2022-05-01

▶

CVEList

CVE-2007-2030: lharc↗2007-04-16

▶

💥Exploits & PoCs

Exploit-DB

Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service↗2007-08-27

▶

Exploit-DB

Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service↗2007-08-27

▶

📋Vendor Advisories

Red Hat

/tmp race in lha↗2006-01-13

▶

💬Community

Bugzilla

CVE-2007-2030 /tmp race in lha↗2007-04-16

▶

Bugzilla

CVE-2007-2030 /tmp race in lha↗2007-04-16

▶