CVE-2003-1294

Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xscreensaver:xscreensaver:4.05_5cl:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_6:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_6a:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_150:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.07_2:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.08_29135cl:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.09_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_4:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_6:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_8:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_15:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.11_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.12_58:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.12_62:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_2:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_4:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2003-12-31 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2003-1294

Mitre link : CVE-2003-1294

CVE.ORG link : CVE-2003-1294


JSON object : View

Products Affected

xscreensaver

  • xscreensaver