Vulnerability Details CVE-2004-0770
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263282&archive=yes
- http://secunia.com/advisories/12214
- http://www.securityfocus.com/bid/10855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16884
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263282&archive=yes
- http://secunia.com/advisories/12214
- http://www.securityfocus.com/bid/10855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16884
Products affected by CVE-2004-0770
-
cpe:2.3:a:dgen:emulator:1.15
-
cpe:2.3:a:dgen:emulator:1.16
-
cpe:2.3:a:dgen:emulator:1.17
-
cpe:2.3:a:dgen:emulator:1.18
-
cpe:2.3:a:dgen:emulator:1.20
-
cpe:2.3:a:dgen:emulator:1.20_a
-
cpe:2.3:a:dgen:emulator:1.21
-
cpe:2.3:a:dgen:emulator:1.22
-
cpe:2.3:a:dgen:emulator:1.23
-
cpe:2.3:o:debian:debian_linux:3.0