CVE-2007-6131

CWE-165 documents5 sources

Severity

2.1LOW

EPSS

0.1%

top 77.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Fedora Core

Timeline

PublishedNov 26

Latest updateMay 1

Description

buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/fedora_coref7

🔴Vulnerability Details

GHSA

GHSA-63hp-2j26-qmh4: buttonpressed↗2022-05-01

▶

CVEList

CVE-2007-6131: buttonpressed↗2007-11-26

▶

📋Vendor Advisories

Red Hat

scanbuttond: unsafe usage of temporary files in buttonpressed.sh↗2007-11-14

▶

💬Community

Bugzilla

CVE-2007-6131 scanbuttond: unsafe usage of temporary files in buttonpressed.sh↗2007-11-14

▶