1. Home
  2. CVE Database
  3. CVE-2007-2056
NONE · 0

CVE-2007-2056

Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-...

Vulnerability Description

Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted the original advisory, stating that "the portion of vulnerable code is not called in any current version of AFFLIB and is therefore not exploitable.

FAQ

What is CVE-2007-2056?

CVE-2007-2056 is a documented vulnerability. Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-...

How severe is CVE-2007-2056?

CVSS scoring is not yet available for CVE-2007-2056. Check NVD for updates.

Is there a patch for CVE-2007-2056?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.