CVE-2004-0689

high

Description

KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16963

http://www.kde.org/info/security/advisory-20040811-1.txt

http://www.debian.org/security/2004/dsa-539

http://security.gentoo.org/glsa/glsa-200408-13.xml

http://marc.info/?l=bugtraq&m=109225538901170&w=2

Details

Source: Mitre, NVD

Published: 2004-09-28

Updated: 2024-01-26

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

Detections

Analytics