CVE-2007-4998

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 31-01-2008 10:00

Last modified: - 23-01-2023 07:44

Total changes: - 8

Description

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:M/Au:N/C:C/I:C/A:C

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Privileges required

Scope

User interaction

6.9

Base score

3.4

10.0

Exploitability score

Impact score

Verification logic

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=356471
https://issues.rpath.com/browse/RPL-2023
43228-

Keywords

CVE-2007-4998

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2007-4998

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures