Vulnerability Details CVE-2004-0689
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.4%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 4.6
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
- http://marc.info/?l=bugtraq&m=109225538901170&w=2
- http://secunia.com/advisories/12276/
- http://security.gentoo.org/glsa/glsa-200408-13.xml
- http://www.debian.org/security/2004/dsa-539
- http://www.kde.org/info/security/advisory-20040811-1.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16963
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
- http://marc.info/?l=bugtraq&m=109225538901170&w=2
- http://secunia.com/advisories/12276/
- http://security.gentoo.org/glsa/glsa-200408-13.xml
- http://www.debian.org/security/2004/dsa-539
- http://www.kde.org/info/security/advisory-20040811-1.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16963
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334