CVE-2007-3024

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc1.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc3:*:*:*:*:*:*:*

History

21 Nov 2024, 00:32

Type Values Removed Values Added
References () http://kolab.org/security/kolab-vendor-notice-15.txt - () http://kolab.org/security/kolab-vendor-notice-15.txt -
References () http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html - Patch () http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html - Patch
References () http://secunia.com/advisories/25523 - () http://secunia.com/advisories/25523 -
References () http://secunia.com/advisories/25525 - () http://secunia.com/advisories/25525 -
References () http://secunia.com/advisories/25688 - () http://secunia.com/advisories/25688 -
References () http://secunia.com/advisories/25796 - () http://secunia.com/advisories/25796 -
References () http://security.gentoo.org/glsa/glsa-200706-05.xml - () http://security.gentoo.org/glsa/glsa-200706-05.xml -
References () http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog - () http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog -
References () http://www.debian.org/security/2007/dsa-1320 - () http://www.debian.org/security/2007/dsa-1320 -
References () http://www.novell.com/linux/security/advisories/2007_33_clamav.html - () http://www.novell.com/linux/security/advisories/2007_33_clamav.html -
References () http://www.securityfocus.com/bid/24358 - () http://www.securityfocus.com/bid/24358 -
References () https://wwws.clamav.net/bugzilla/show_bug.cgi?id=517 - Patch () https://wwws.clamav.net/bugzilla/show_bug.cgi?id=517 - Patch

Information

Published : 2007-06-07 22:30

Updated : 2024-11-21 00:32


NVD link : CVE-2007-3024

Mitre link : CVE-2007-3024

CVE.ORG link : CVE-2007-3024


JSON object : View

Products Affected

clam_anti-virus

  • clamav