Search for vulnerabilities
Vulnerability details: VCID-uq9j-1t6h-aaan
Vulnerability ID VCID-uq9j-1t6h-aaan
Aliases CVE-2007-6595
Summary ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-59 Improper Link Resolution Before File Access ('Link Following')
System Score Found at
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.0003 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2007-6595
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=427285
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2007-6595
Reference id Reference type URL
http://kolab.org/security/kolab-vendor-notice-19.txt
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6595.json
https://api.first.org/data/v1/epss?cve=CVE-2007-6595
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
http://secunia.com/advisories/28949
http://secunia.com/advisories/29891
http://secunia.com/advisories/31437
http://security.gentoo.org/glsa/glsa-200808-07.xml
http://securityreason.com/securityalert/3501
http://securitytracker.com/id?1019148
https://exchange.xforce.ibmcloud.com/vulnerabilities/39335
https://exchange.xforce.ibmcloud.com/vulnerabilities/39339
http://www.debian.org/security/2008/dsa-1497
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://www.securityfocus.com/archive/1/485631/100/0/threaded
http://www.securityfocus.com/bid/27064
http://www.vupen.com/english/advisories/2008/0606
427285 https://bugzilla.redhat.com/show_bug.cgi?id=427285
458532 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458532
cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*
CVE-2007-6595 https://nvd.nist.gov/vuln/detail/CVE-2007-6595
GLSA-200808-07 https://security.gentoo.org/glsa/200808-07
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-6595
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.04875
EPSS Score 0.00028
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.