#VU33705 Input validation error in id3lib - CVE-2007-4460


| Updated: 2020-08-04

Vulnerability identifier: #VU33705

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2007-4460

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
id3lib
Universal components / Libraries / Libraries used by multiple products

Vendor: id3lib.sourceforge.net

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged.

Mitigation
Install update from vendor's website.

Vulnerable software versions

id3lib: 3.8.3

External links
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438540
https://secunia.com/advisories/26536
https://secunia.com/advisories/26646
https://secunia.com/advisories/26793
https://secunia.com/advisories/26818
https://secunia.com/advisories/26987
https://security.gentoo.org/glsa/glsa-200709-08.xml
https://www.debian.org/security/2007/dsa-1365
https://www.mandriva.com/security/advisories?name=MDKSA-2007:180
https://www.novell.com/linux/security/advisories/2007_19_sr.html
https://www.securityfocus.com/bid/25372
https://www.securitytracker.com/id?1018667
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Input validation error in id3lib (Alpine package)
Gentoo update for id3lib
Input validation error in id3lib.sourceforge.net id3lib