Уязвимость CVE-2007-4631: Информация
Описание
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
http://bugs.gentoo.org/show_bug.cgi?id=190697 |
|
https://bugzilla.redhat.com/show_bug.cgi?id=268381 | |
http://sourceforge.net/project/shownotes.php?release_id=538002 |
|
http://sourceforge.net/project/shownotes.php?release_id=538002&group_id=139897 |
|
FEDORA-2007-2108 | |
GLSA-200710-05 | |
25618 |
|
26745 |
|
26738 |
|
27098 |
|
ADV-2007-3107 |
|
qgit-dataloader-symlink(36503) |