CVE-2007-3919
Published Oct 28, 2007
Last updated 7 years ago
Overview
- Description
- (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 9.2
- Exploitability score
- 2.7
- Vector string
- AV:L/AC:M/Au:S/C:N/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-59
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatRed Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3919 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4567FE5A-5061-4741-AA6D-4AB365579F8D"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xensource_inc:xen:3.0.3_0_1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "278D8FBA-B10E-464B-A7FE-F5B357055101"
},
{
"criteria": "cpe:2.3:a:xensource_inc:xen:3.0.3_0_3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7041F87C-35C0-45B1-82F2-E02F303698FD"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]