CVE-2007-6595
CVE-2007-6595
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://kolab.org/security/kolab-vendor-notice-19.txthttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.htmlhttp://secunia.com/advisories/28949http://secunia.com/advisories/29891http://secunia.com/advisories/31437http://security.gentoo.org/glsa/glsa-200808-07.xmlhttp://securityreason.com/securityalert/3501http://securitytracker.com/id?1019148https://exchange.xforce.ibmcloud.com/vulnerabilities/39335https://exchange.xforce.ibmcloud.com/vulnerabilities/39339http://www.debian.org/security/2008/dsa-1497http://www.mandriva.com/security/advisories?name=MDVSA-2008:088