Oval Definition:oval:org.opensuse.security:def:20074460
Revision Date:2022-09-02Version:1
Title:CVE-2007-4460
Description:

The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-4460
Mitre CVE-2007-4460
SUSE CVE-2007-4460
SUSE-SR:2007:019
SUSE-SR:2007:019
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 13.2
openSUSE Leap 42.1
openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
SUSE LINUX 10.0
SUSE LINUX 10.1
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP5
Product(s):
Definition Synopsis
  • openSUSE 13.2 is installed
  • AND id3lib-3.8.3-264.1.5 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • id3lib-3.8.3-267.6 is installed
  • AND id3lib is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • id3lib-3.8.3-268.10 is installed
  • AND id3lib is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND id3lib-3.8.3-261.135 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND id3lib-3.8.3-261.135 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND id3lib-3.8.3-261.135 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND id3lib-3.8.3-261 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND id3lib-3.8.3-261 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND id3lib-3.8.3-261 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND id3lib-3.8.3-261 is installed
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • id3lib-3.8.3-270 is installed
  • AND id3lib is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND id3lib-3.8.3-261 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND id3lib-3.8.3-261 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • id3lib-3.8.3-266.5 is installed
  • OR id3lib-32bit-3.8.3-266.5 is installed
  • OR id3lib-devel-3.8.3-266.5 is installed
  • OR id3lib-examples-3.8.3-266.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND id3lib-3.8.3-261.135 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND id3lib-3.8.3-261.135 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND id3lib-3.8.3-261.135 is installed
    • BACK