Mandriva Update For Gnucash MDKSA-2007:046 (gnucash) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. Updated package have been patched to correct this issue.

Affected

gnucash on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0007

CVSS	Base Score: 3.6 AV:L/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Mandriva Update for gcc MDVSA-2008:066 (gcc)
Mandriva Update for libxt MDVA-2010:237 (libxt)
Mandriva Update for wireshark MDVSA-2012:042 (wireshark)
Mandriva Update for wml MDVSA-2008:076 (wml)
Mandriva Update for nss_db MDVSA-2010:077 (nss_db)

Mandriva Update for gnucash MDKSA-2007:046 (gnucash)

Take action and discover your vulnerabilities