Lucene search
PRIOn knowledge basePRION:CVE-2007-4631HistoryAug 31, 2007 - 10:17 p.m.
Code injection
2007-08-3122:17:00
PRIOn knowledge base
www.prio-n.com
2
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
| CPE | Name | Operator | Version |
|---|---|---|---|
| qgit | eq | 1.5.6-2pre1 |
References
bugs.gentoo.org/show_bug.cgi?id=190697
fedoranews.org/updates/FEDORA-2007-210.shtml
secunia.com/advisories/26738
secunia.com/advisories/26745
secunia.com/advisories/27098
security.gentoo.org/glsa/glsa-200710-05.xml
sourceforge.net/project/shownotes.php?release_id=538002
sourceforge.net/project/shownotes.php?release_id=538002&group_id=139897
www.securityfocus.com/bid/25618
www.vupen.com/english/advisories/2007/3107
bugzilla.redhat.com/show_bug.cgi?id=268381
exchange.xforce.ibmcloud.com/vulnerabilities/36503
Related
nessus
nessus
Fedora 7 : qgit-1.5.7-1.fc7 (2007-2108)
2007-11-06 00:00:00
GLSA-200710-05 : QGit: Insecure temporary file creation
2007-10-09 00:00:00
gentoo
gentoo
QGit: Insecure temporary file creation
2007-10-07 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200710-05 (qgit)
2008-09-24 00:00:00
Fedora Update for qgit FEDORA-2007-2108
2009-02-27 00:00:00
Fedora Update for qgit FEDORA-2007-2108
2009-02-27 00:00:00
cve
cve
CVE-2007-4631
2007-08-31 22:17:00
cvelist
cvelist
CVE-2007-4631
2007-08-31 22:00:00
nvd
nvd
CVE-2007-4631
2007-08-31 22:17:00
securityvulns
securityvulns
QGit git repository graphical interface symbolic links
2007-10-08 00:00:00
[ GLSA 200710-05 ] QGit: Insecure temporary file creation
2007-10-08 00:00:00
debiancve
debiancve
CVE-2007-4631
2007-08-31 22:17:00
fedora
fedora
[SECURITY] Fedora 7 Update: qgit-1.5.7-1.fc7
2007-09-10 16:54:48
ubuntucve
ubuntucve
CVE-2007-4631
2007-08-31 00:00:00