CVE-2004-0969

medium

Description

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17583

http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038

http://www.trustix.org/errata/2004/0050

http://www.securityfocus.com/bid/11287

http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml

http://secunia.com/advisories/18764

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313

Details

Source: Mitre, NVD

Published: 2005-02-09

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

Detections

Analytics