Mandriva Update For Gnucash MDKSA-2007:046 (gnucash) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. Updated package have been patched to correct this issue.

Affected

gnucash on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0007
CVSS Base Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Mandriva Update for gd MDVSA-2008:038 (gd)
Mandriva Update for mysql MDVSA-2010:155 (mysql)
Mandriva Update for wireshark MDVSA-2012:080 (wireshark)
Mandriva Update for php-apc MDVA-2011:068 (php-apc)
Mandriva Update for evolution MDVA-2010:047 (evolution)

Mandriva Update for gnucash MDKSA-2007:046 (gnucash)

Take action and discover your vulnerabilities