CVE-2004-1894

CVE-2004-1894

EPSS 0.4%

TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019777.html http://marc.info/?l=bugtraq&m=108118755923319&w=2 http://securitytracker.com/id?1009661 https://exchange.xforce.ibmcloud.com/vulnerabilities/15728 http://www.securityfocus.com/bid/10042