CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0885

Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.4%

CVSS Severity

CVSS v2 Score 6.4

References

http://bugs.gentoo.org/show_bug.cgi?id=41253
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182286
http://bugs.gentoo.org/show_bug.cgi?id=41253
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182286

Products affected by CVE-2003-0885

Xscreensaver » Xscreensaver » Version: 4.14

cpe:2.3:a:xscreensaver:xscreensaver:4.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0885

Products

Pricing

Contact Us