CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0100

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile41.86th
PublishedJan 8, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server.

Affected Platforms (CPE)

πŸ“¦
Perforce

Perforce Client

All versions

References & Advisories

πŸ”— http://osvdb.org/33369
πŸ”— http://www.securityfocus.com/archive/1/455977/100/0/threaded
πŸ”— http://osvdb.org/33369
πŸ”— http://www.securityfocus.com/archive/1/455977/100/0/threaded

Related Vulnerabilities

CVE-2010-09347.1

The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary ...

CVE-2010-09305.0

The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...