KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
References
Configurations
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 - Broken Link | |
References | () http://marc.info/?l=bugtraq&m=109225538901170&w=2 - Mailing List | |
References | () http://secunia.com/advisories/12276/ - Broken Link, Patch, Vendor Advisory | |
References | () http://security.gentoo.org/glsa/glsa-200408-13.xml - Third Party Advisory | |
References | () http://www.debian.org/security/2004/dsa-539 - Third Party Advisory | |
References | () http://www.kde.org/info/security/advisory-20040811-1.txt - Patch, Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 - Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 - Broken Link |
26 Jan 2024, 17:06
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.1 |
CWE | CWE-59 | |
CPE | cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:* | |
References | (SECUNIA) http://secunia.com/advisories/12276/ - Broken Link, Patch, Vendor Advisory | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-200408-13.xml - Third Party Advisory | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=109225538901170&w=2 - Mailing List | |
References | (DEBIAN) http://www.debian.org/security/2004/dsa-539 - Third Party Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 - Third Party Advisory, VDB Entry | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 - Broken Link | |
References | (CONECTIVA) http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 - Broken Link |
Information
Published : 2004-09-28 04:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0689
Mitre link : CVE-2004-0689
CVE.ORG link : CVE-2004-0689
JSON object : View
Products Affected
debian
- debian_linux
kde
- kde
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')