CVE-2004-0996

Published: Dec 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

cscope-tmp-race-condition(18125)

vdb-entry

x_refsource_XF

ADV-2007-2732

vdb-entry

x_refsource_VUPEN

20041118 Re: RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.

mailing-list

x_refsource_BUGTRAQ

APPLE-SA-2007-07-31

vendor-advisory

x_refsource_APPLE

20041117 RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.

mailing-list

x_refsource_BUGTRAQ

11697

vdb-entry

x_refsource_BID

DSA-610

vendor-advisory

x_refsource_DEBIAN

20041124 STG Security Advisory: [SSA-20041122-09] cscope insecure temp file creation vulnerability

mailing-list

x_refsource_BUGTRAQ

http://docs.info.apple.com/article.html?artnum=306172

x_refsource_CONFIRM

20041118 Re: RX171104 Cscope v15.5 and minors - symlink vulnerability - advisory, exploit and patch.

mailing-list

x_refsource_BUGTRAQ

25159

vdb-entry

x_refsource_BID

GLSA-200412-11

vendor-advisory

x_refsource_GENTOO

26235

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0996

Description

Affected Products

References