exploits , vulnerabilities , articles , QGit DataLoader::doStart Function Local Privilege Escalation Vulnerability

Title	QGit DataLoader::doStart Function Local Privilege Escalation Vulnerability
Published	2007-09-10-12:00AM
Updated	2007-10-09-07:38PM
Class	Design Error
CVE	CVE-2007-4631
Remote	No
Local	Yes
Credit	Raphael Marichez is credited with the discovery of this vulnerability.
Vulnerable	QGit QGit 1.5.6 QGit QGit 1.5.5 QGit QGit 1.5.4 QGit QGit 1.5.3 QGit QGit 1.5.2 QGit QGit 1.5.1 Gentoo Linux
Not Vulnerable	QGit QGit 1.5.7
Code	An exploit is not required to leverage this issue. An attacker merely has to gain local interactive access and construct a malicious symlink file.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
• 2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
• 2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
• 2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
• 2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
• 2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
• 2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
• 2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
• 2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 15:01:36 +0000