Unrated severityNVD Advisory· Published Oct 12, 2007· Updated Apr 23, 2026

CVE-2007-5377

Description

The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Affected products

GNU/Tramp
cpe:2.3:a:gnu:tramp:2.1.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.gentoo.org/show_bug.cginvd
lists.gnu.org/archive/html/emacs-devel/2007-10/msg00132.htmlnvd
lists.gnu.org/archive/html/emacs-devel/2007-10/msg00158.htmlnvd
osvdb.org/41752nvd
secunia.com/advisories/27244nvd
secunia.com/advisories/27343nvd
www.gentoo.org/security/en/glsa/glsa-200710-22.xmlnvd
www.securityfocus.com/bid/26072nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000