CVE-2004-0996

EPSS 1.1%

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

Affected products

n/a · n/a

public PoCs found — 2

exploitdbwww.exploit-db.com/exploits/24749unverified exploitdbwww.exploit-db.com/exploits/24750unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://marc.info/?l=bugtraq&m=110133485519690&w=2 http://secunia.com/advisories/26235 https://exchange.xforce.ibmcloud.com/vulnerabilities/18125 http://www.debian.org/security/2004/dsa-610 http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml http://www.securityfocus.com/archive/1/381443 http://www.securityfocus.com/archive/1/381506 http://www.securityfocus.com/archive/1/381611 http://www.securityfocus.com/bid/11697 http://www.securityfocus.com/bid/25159