Search for vulnerabilities
Vulnerability details: VCID-vs1q-ebdv-aaae
Vulnerability ID VCID-vs1q-ebdv-aaae
Aliases CVE-2007-6061
Summary Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-377 Insecure Temporary File
System Score Found at
epss 0.00110 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00110 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00110 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00110 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00509 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00627 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
epss 0.00908 https://api.first.org/data/v1/epss?cve=CVE-2007-6061
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=393251
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2007-6061
Reference id Reference type URL
http://bugs.gentoo.org/show_bug.cgi?id=199751
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6061.json
https://api.first.org/data/v1/epss?cve=CVE-2007-6061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
http://secunia.com/advisories/27841
http://secunia.com/advisories/29206
http://secunia.com/advisories/30191
http://security.gentoo.org/glsa/glsa-200803-03.xml
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00075.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00087.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:074
http://www.securityfocus.com/bid/26608
http://www.vupen.com/english/advisories/2007/4025
393251 https://bugzilla.redhat.com/show_bug.cgi?id=393251
453283 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
cpe:2.3:a:audacityteam:audacity:1.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audacityteam:audacity:1.3.2:*:*:*:*:*:*:*
CVE-2007-6061 https://nvd.nist.gov/vuln/detail/CVE-2007-6061
GLSA-200803-03 https://security.gentoo.org/glsa/200803-03
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-6061
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.44953
EPSS Score 0.00110
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.