CVE-2007-3103

N/A Unknown
Published: July 15, 2007 Modified: April 23, 2026
View on NVD

Description

The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=185660
Source: secalert@redhat.com
http://bugzilla.redhat.com/242903
Source: secalert@redhat.com
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557
Source: secalert@redhat.com
Patch
http://osvdb.org/40945
Source: secalert@redhat.com
http://secunia.com/advisories/26056
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/26081
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/26282
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/27240
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35674
Source: secalert@redhat.com
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200710-11.xml
Source: secalert@redhat.com
http://www.debian.org/security/2007/dsa-1342
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0519.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0520.html
Source: secalert@redhat.com
http://www.securityfocus.com/archive/1/473869/100/0/threaded
Source: secalert@redhat.com
http://www.securityfocus.com/bid/24888
Source: secalert@redhat.com
http://www.securitytracker.com/id?1018375
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/35375
Source: secalert@redhat.com
https://issues.rpath.com/browse/RPL-1485
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802
Source: secalert@redhat.com
https://www.exploit-db.com/exploits/5167
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html
Source: secalert@redhat.com
http://bugs.gentoo.org/show_bug.cgi?id=185660
Source: af854a3a-2127-422b-91ae-364da2661108
http://bugzilla.redhat.com/242903
Source: af854a3a-2127-422b-91ae-364da2661108
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://osvdb.org/40945
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26056
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/26081
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/26282
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/27240
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35674
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200710-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2007/dsa-1342
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0519.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0520.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/473869/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/24888
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1018375
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/35375
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-1485
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/5167
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html
Source: af854a3a-2127-422b-91ae-364da2661108

44 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
24th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-59

Affected Vendors

redhat fedoraproject

Related CVEs

CVE-2021-47981 5.4
CVE-2021-47980 7.1
CVE-2021-47979 8.8
CVE-2021-47978 6.2
CVE-2021-47977 7.5