2.1

CVE-2004-0996

Exploit
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CscopeCscope Version13.0
CscopeCscope Version15.1
CscopeCscope Version15.3
CscopeCscope Version15.4
CscopeCscope Version15.5
DebianDebian Linux Version3.0
DebianDebian Linux Version3.0 Editionalpha
DebianDebian Linux Version3.0 Editionarm
DebianDebian Linux Version3.0 Editionhppa
DebianDebian Linux Version3.0 Editionia-32
DebianDebian Linux Version3.0 Editionia-64
DebianDebian Linux Version3.0 Editionm68k
DebianDebian Linux Version3.0 Editionmips
DebianDebian Linux Version3.0 Editionmipsel
DebianDebian Linux Version3.0 Editionppc
DebianDebian Linux Version3.0 Editions-390
DebianDebian Linux Version3.0 Editionsparc
ScoUnixware Version7.1.1
ScoUnixware Version7.1.3
ScoUnixware Version7.1.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.15% 0.626
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
http://marc.info/?l=bugtraq&m=110133485519690&w=2
http://www.debian.org/security/2004/dsa-610
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
http://www.securityfocus.com/archive/1/381443
http://www.securityfocus.com/archive/1/381506
http://www.securityfocus.com/archive/1/381611
http://www.securityfocus.com/bid/11697
Patch
Vendor Advisory
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/18125