Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.
References
Link | Resource |
---|---|
http://bugs.gentoo.org/show_bug.cgi?id=41253 | Exploit Patch Vendor Advisory |
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182286 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-02-28T01:00:00
Updated: 2021-06-15T16:36:42
Reserved: 2003-10-24T00:00:00
Link: CVE-2003-0885
JSON object: View
NVD Information
Status : Analyzed
Published: 2003-12-31T05:00:00.000
Modified: 2008-09-05T20:35:30.780
Link: CVE-2003-0885
JSON object: View
Redhat Information
No data.
CWE