FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-02 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
15ec9123-7061-11dc-b372-001921ab2fa4	id3lib -- insecure temporary file creation Debian Bug report log reports: When tagging file $foo, a temporary copy of the file is created, and for some reason, libid3 doesn't use mkstemp but just creates $foo.XXXXXX literally, without any checking. This would silently truncate and overwrite an existing $foo.XXXXXX. Discovery 2007-08-20 Entry 2007-10-01 Modified 2007-10-01 id3lib < 3.8.3_4 25372 CVE-2007-4460

VuXML ID

Description

15ec9123-7061-11dc-b372-001921ab2fa4

id3lib -- insecure temporary file creation

Debian Bug report log reports:

When tagging file $foo, a temporary copy of the file is created, and for some reason, libid3 doesn't use mkstemp but just creates $foo.XXXXXX literally, without any checking.

This would silently truncate and overwrite an existing $foo.XXXXXX.

Discovery 2007-08-20
Entry 2007-10-01
Modified 2007-10-01
id3lib

< 3.8.3_4

25372
CVE-2007-4460