Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-3531
HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3531

2007-07-2517:30:00
mitre
web.nvd.nist.gov
31
nvd
nvidia
nvclock
vulnerability
symlink attack
file overwrite

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

AI Score

6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.

Affected configurations

Nvd
Node
gentoolinuxMatch1.1a
OR
gentoolinuxMatch1.2
OR
gentoolinuxMatch1.4
OR
gentoolinuxMatch1.4rc1
OR
gentoolinuxMatch1.4rc2
OR
gentoolinuxMatch1.4rc3
AND
gentoonvclockRange0.7
VendorProductVersionCPE
gentoolinux1.1acpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*
gentoolinux1.2cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*
gentoolinux1.4cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
gentoolinux1.4cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*
gentoolinux1.4cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*
gentoolinux1.4cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*
gentoonvclock*cpe:2.3:a:gentoo:nvclock:*:*:*:*:*:*:*:*

Related

prion 1
securityvulns 2
nvd 1
openvas 2
nessus 1
cvelist 1
ubuntucve 1
gentoo 1
prion
prion
Design/Logic Flaw
2007-07-25 17:30:00
securityvulns
securityvulns
NVClock symbolic links vulnerability
2007-07-25 00:00:00
[Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage
2007-07-25 00:00:00
nvd
nvd
CVE-2007-3531
2007-07-25 17:30:00
openvas
openvas
Gentoo Security Advisory GLSA 200707-08 (nvclock)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200707-08 (nvclock)
2008-09-24 00:00:00
nessus
nessus
GLSA-200707-08 : NVClock: Insecure file usage
2007-07-27 00:00:00
cvelist
cvelist
CVE-2007-3531
2007-07-25 17:00:00
ubuntucve
ubuntucve
CVE-2007-3531
2007-07-25 00:00:00
gentoo
gentoo
NVClock: Insecure file usage
2007-07-24 00:00:00

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

AI Score

6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2007-3531
prion1securityvulns2nvd1openvas2nessus1cvelist1ubuntucve1gentoo1