CVE-2007-3103
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-3103
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
X.Org XFS Init脚本创建不安全临时文件漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
X字体服务器(XFS)用于为X窗口系统渲染字体。 init或系统管理员启动XFS脚本的方式存在竞争条件错误,本地攻击者可能利用此漏洞提升自己的权限。 具体来讲,XFS不安全地更改了临时文件的权限,因此攻击者可以将系统上的任意文件更改为完全可写。成功利用这个漏洞允许攻击者在受影响系统上获得root权限,但必须重启系统或由管理员手动重启XFS才能利用这个漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-3103
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-3103
Please Login to view more intelligence information
- http://bugs.gentoo.org/show_bug.cgi?id=185660x_refsource_CONFIRM
- https://issues.rpath.com/browse/RPL-1485x_refsource_CONFIRM
- http://bugzilla.redhat.com/242903x_refsource_CONFIRM
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.htmlvendor-advisoryx_refsource_FEDORA
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.htmlvendor-advisoryx_refsource_FEDORA
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802vdb-entrysignaturex_refsource_OVAL
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557third-party-advisoryx_refsource_IDEFENSE
- https://nvd.nist.gov/vuln/detail/CVE-2007-3103
Same Patch Batch · n/a · 2007-07-15 · 44 CVEs total
| CVE-2007-2392 | Apple QuickTime内存破坏漏洞 | |
| CVE-2007-2396 | Apple QuickTime 任意代码执行安全漏洞 | |
| CVE-2007-2394 | Apple QuickTime 整数溢出漏洞 | |
| CVE-2007-2397 | Apple QuickTime远程任意代码执行漏洞 | |
| CVE-2007-3645 | FreeBSD libarchive畸形文档处理拒绝服务漏洞 | |
| CVE-2007-3673 | Symantec AntiVirus symtdi.sys驱动本地权限提升漏洞 | |
| CVE-2007-3768 | SurgeFTP PASV指令拒绝服务漏洞 | |
| CVE-2007-3769 | SurgeFTP 跨站脚本漏洞 | |
| CVE-2007-3770 | Xfce-Terminal远程命令注入漏洞 | |
| CVE-2007-2417 | Progress Software Progress和OpenEdge 缓冲区错误漏洞 | |
| CVE-2007-2393 | Apple QuickTime 安全机制绕过漏洞 | |
| CVE-2006-5277 | Cisco Unified Communications Manager单字节溢出漏洞 | |
| CVE-2007-3783 | enVivo!CMS default.asp SQL注入漏洞 | |
| CVE-2007-3782 | MySQL 权限许可漏洞 | |
| CVE-2007-3781 | MySQL访问验证漏洞 | |
| CVE-2007-3780 | MySQL 验证报文畸形口令拒绝服务漏洞 | |
| CVE-2007-3779 | Squirrelmail G/PGP (GPG) gpg_pop_init.php远程执行漏洞 | |
| CVE-2007-3778 | Squirrelmail G/PGP (GPG) Plugin gpg_hook_functions.php远程执行漏洞 | |
| CVE-2007-3777 | AVG Anti-Virus 本地特权提升漏洞 | |
| CVE-2007-3776 | Cisco Unified Communications Manager及Presence Server非授权访问敏感信息泄露漏洞 |
Showing top 20 of 44 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2007-3103
No comments yet