CVE-2007-6061 — Link Following in Audacity

CWE-59 — Link Following CWE-377 — Insecure Temporary File8 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Audacityteam Audacity

Timeline

PublishedNov 20

Latest updateMay 1

Description

Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianaudacityteam/audacity< 1.3.4-1.1+3

▶NVDaudacityteam/audacity1.3.2

Patches

Patch: bugs.gentoo.org ↗Patch: bugs.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-3pxp-pwrp-2w6f: Audacity 1↗2022-05-01

▶

CVEList

CVE-2007-6061: Audacity 1↗2007-11-20

▶

OSV

CVE-2007-6061: Audacity 1↗2007-11-20

▶

📋Vendor Advisories

Red Hat

Audacity insecure temporary file handling↗2007-11-20

▶

Debian

CVE-2007-6061: audacity - Audacity 1.3.2 creates a temporary directory with a predictable name without che...↗2007

▶

💬Community

Bugzilla

CVE-2007-6061: insecure tmpfile handling↗2008-03-06

▶

Bugzilla

CVE-2007-6061 Audacity insecure temporary file handling↗2007-11-20

▶