CVE-2007-3103 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-3103 PUBLISHED CVSS 6.199999809265137 MEDIUM

The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

EPSS 0.08% · 23.9th percentile

Risk Scores

CVSS v2.0

6.199999809265137

EPSS Score

0.08%

23.9th percentile

Affected Products

Vendor	Product	Versions
fedoraproject	fedora_core	6.0
redhat	enterprise_linux	4.0, 4.0, 4.0
redhat	linux
n/a	n/a	n/a
redhat	enterprise_linux_desktop	4.0

Timeline

Jul 15, 2007 CVE Published
Feb 21, 2008 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

oval:org.mitre.oval:def:10802 vdb
35674 third-party-advisory
24888 vdb
RHSA-2007:0520 vendor-advisory
26081 third-party-advisory
DSA-1342 vendor-advisory
https://issues.rpath.com/browse/RPL-1485 url
27240 third-party-advisory
26056 third-party-advisory
20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs mailing-list
5167 exploit
1018375 vdb
GLSA-200710-11 vendor-advisory
FEDORA-2009-3666 vendor-advisory
http://bugzilla.redhat.com/242903 url
redhat-xfs-privilege-escalation(35375) vdb
20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability third-party-advisory
26282 third-party-advisory
RHSA-2007:0519 vendor-advisory
40945 vdb

…and 3 more

Open in Interactive Console →