2.1

CVE-2004-0966

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGettext Version0.14.1
UbuntuUbuntu Linux Version4.1 Editionia64
UbuntuUbuntu Linux Version4.1 Editionppc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.315
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323
http://marc.info/?l=bugtraq&m=110382652226638&w=2
http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html
http://www.securityfocus.com/bid/11282
Patch
Vendor Advisory
http://www.trustix.org/errata/2004/0050
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
https://www.ubuntu.com/usn/usn-5-1/