Vulnerability Details CVE-2004-1336
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286370
- http://marc.info/?l=bugtraq&m=110383942014839&w=2
- http://www.securityfocus.com/bid/12100
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18708
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286370
- http://marc.info/?l=bugtraq&m=110383942014839&w=2
- http://www.securityfocus.com/bid/12100
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18708
Products affected by CVE-2004-1336
-
cpe:2.3:a:debian:tetex-bin:2.0.2
-
cpe:2.3:o:gentoo:linux:-
-
cpe:2.3:o:gentoo:linux:1.2
-
cpe:2.3:o:gentoo:linux:1.4
-
cpe:2.3:o:gentoo:linux:2.1.30
-
cpe:2.3:o:gentoo:linux:2.2.28
-
cpe:2.3:o:gentoo:linux:2.3.30