Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0021.html | |
http://secunia.com/advisories/10104 | Vendor Advisory |
http://securitytracker.com/id?1008014 | Exploit Vendor Advisory |
http://www.securityfocus.com/archive/1/342476 | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/8899 | Exploit Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/13520 |
Configurations
History
No history.
Information
Published : 2003-10-27 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2003-1139
Mitre link : CVE-2003-1139
CVE.ORG link : CVE-2003-1139
JSON object : View
Products Affected
musicqueue
- musicqueue
CWE