Name | CVE-2007-4460 |
Description | The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-1365-1, DSA-1365-2, DSA-1365-3 |
Debian Bugs | 438540 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.