CVE-2007-0007 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-0007 Interim 1 10 2025-04-12T23:29:21Z current 2021-05-30T12:37:36Z 2025-04-12T23:29:21Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-0007 gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed gnucash-2.2.7-1.35 gnucash-4.6-1.3 gnucash-devel-2.2.7-1.35 gnucash-devel-4.6-1.3 gnucash-lang-2.2.7-1.35 gnucash-lang-4.6-1.3 python3-gnucash-4.6-1.3 gnucash-2.2.7-1.35 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 gnucash-devel-2.2.7-1.35 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 gnucash-lang-2.2.7-1.35 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 gnucash-4.6-1.3 as a component of openSUSE Tumbleweed gnucash-devel-4.6-1.3 as a component of openSUSE Tumbleweed gnucash-lang-4.6-1.3 as a component of openSUSE Tumbleweed python3-gnucash-4.6-1.3 as a component of openSUSE Tumbleweed gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. CVE-2007-0007 SUSE Linux Enterprise Software Development Kit 11 SP4:gnucash-2.2.7-1.35 SUSE Linux Enterprise Software Development Kit 11 SP4:gnucash-devel-2.2.7-1.35 SUSE Linux Enterprise Software Development Kit 11 SP4:gnucash-lang-2.2.7-1.35 openSUSE Tumbleweed:gnucash-4.6-1.3 openSUSE Tumbleweed:gnucash-devel-4.6-1.3 openSUSE Tumbleweed:gnucash-lang-4.6-1.3 openSUSE Tumbleweed:python3-gnucash-4.6-1.3 low 3.6 AV:L/AC:L/Au:N/C:N/I:P/A:P