CVE-2010-2056

medium

Description

GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

References

https://bugzilla.redhat.com/show_bug.cgi?id=599621

http://www.vupen.com/english/advisories/2010/1757

http://www.osvdb.org/66249

http://secunia.com/advisories/40532

http://secunia.com/advisories/40475

http://savannah.gnu.org/forum/forum.php?forum_id=6368

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043948.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043913.html

Details

Source: Mitre, NVD

Published: 2010-07-22

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00042