CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-0100

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile41.86th
Published2007年1月8日
Last Modified2026年4月23日

Vulnerability Description

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server.

Affected Platforms (CPE)

📦
Perforce

Perforce Client

All versions

References & Advisories

🔗 http://osvdb.org/33369
🔗 http://www.securityfocus.com/archive/1/455977/100/0/threaded
🔗 http://osvdb.org/33369
🔗 http://www.securityfocus.com/archive/1/455977/100/0/threaded

関連する脆弱性情報

CVE-2010-09347.1

The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary ...

CVE-2010-09305.0

The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...