gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-11-08 11:46
Updated : 2023-12-10 10:40
NVD link : CVE-2007-3921
Mitre link : CVE-2007-3921
CVE.ORG link : CVE-2007-3921
JSON object : View
Products Affected
gforge
- gforge
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')