CVE-2007-3531 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-3531

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.

Affected Software

Name	Vendor	Start Version	End Version
Linux	Gentoo	1.1a (including)	1.1a (including)
Linux	Gentoo	1.2 (including)	1.2 (including)
Linux	Gentoo	1.4 (including)	1.4 (including)
Linux	Gentoo	1.4-rc1 (including)	1.4-rc1 (including)
Linux	Gentoo	1.4-rc2 (including)	1.4-rc2 (including)
Linux	Gentoo	1.4-rc3 (including)	1.4-rc3 (including)

References

http://bugs.gentoo.org/show_bug.cgi?id=184071
http://osvdb.org/38573
http://secunia.com/advisories/26200
http://secunia.com/advisories/26208
http://security.gentoo.org/glsa/glsa-200707-08.xml
http://www.securityfocus.com/bid/25052
https://exchange.xforce.ibmcloud.com/vulnerabilities/35584