Vulnerability Description
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
CVSS Score
3.6
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Claws Mail | Claws Mail Tools | All versions |
Related Weaknesses (CWE)
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089
- http://osvdb.org/42478
- http://secunia.com/advisories/27897
- http://secunia.com/advisories/28402
- http://security.gentoo.org/glsa/glsa-200801-03.xml
- http://www.securityfocus.com/bid/26676
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089
- http://osvdb.org/42478
- http://secunia.com/advisories/27897
- http://secunia.com/advisories/28402
- http://security.gentoo.org/glsa/glsa-200801-03.xml
- http://www.securityfocus.com/bid/26676
FAQ
What is CVE-2007-6208?
CVE-2007-6208 is a vulnerability with a CVSS score of 3.6 (LOW). sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
How severe is CVE-2007-6208?
CVE-2007-6208 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6208?
Check the references section above for vendor advisories and patch information. Affected products include: Claws Mail Claws Mail Tools.