Search for vulnerabilities
Vulnerability details: VCID-s7bp-nx6d-aaah
Vulnerability ID VCID-s7bp-nx6d-aaah
Aliases CVE-2007-3024
Summary libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
Status Published
Exploitability 0.5
Weighted Severity 1.9
Risk 0.9
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
epss 0.0006 https://api.first.org/data/v1/epss?cve=CVE-2007-3024
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2007-3024
Reference id Reference type URL
http://kolab.org/security/kolab-vendor-notice-15.txt
http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html
https://api.first.org/data/v1/epss?cve=CVE-2007-3024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3024
http://secunia.com/advisories/25523
http://secunia.com/advisories/25525
http://secunia.com/advisories/25688
http://secunia.com/advisories/25796
http://security.gentoo.org/glsa/glsa-200706-05.xml
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=517
http://www.debian.org/security/2007/dsa-1320
http://www.novell.com/linux/security/advisories/2007_33_clamav.html
http://www.securityfocus.com/bid/24358
cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90_rc1.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90_rc2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90_rc3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90_rc3:*:*:*:*:*:*:*
CVE-2007-3024 https://nvd.nist.gov/vuln/detail/CVE-2007-3024
GLSA-200706-05 https://security.gentoo.org/glsa/200706-05
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-3024
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.