CVE-2004-0996
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2004-0996
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2004-0996.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2004-0996
- Related
- Published
- 2005-01-10T05:00:00Z
- Modified
- 2024-11-20T23:49:51Z
- Summary
- [none]
- Details
-
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
- References
-
- http://secunia.com/advisories/26235
- http://www.debian.org/security/2004/dsa-610
- http://www.securityfocus.com/bid/11697
- http://www.vupen.com/english/advisories/2007/2732
- http://docs.info.apple.com/article.html?artnum=306172
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://marc.info/?l=bugtraq&m=110133485519690&w=2
- http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
- http://www.securityfocus.com/archive/1/381443
- http://www.securityfocus.com/archive/1/381506
- http://www.securityfocus.com/archive/1/381611
- http://www.securityfocus.com/bid/25159
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18125
- https://security-tracker.debian.org/tracker/CVE-2004-0996
Affected packages
Debian:11 / cscope
Package
- Name
- cscope
- Purl
- pkg:deb/debian/cscope?arch=source
Debian:12 / cscope
Package
- Name
- cscope
- Purl
- pkg:deb/debian/cscope?arch=source
Debian:13 / cscope
Package
- Name
- cscope
- Purl
- pkg:deb/debian/cscope?arch=source