2.1 CVE-2003-1294

 

Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.
https://nvd.nist.gov/vuln/detail/CVE-2003-1294

Categories

CWE-NVD-Other

References


 

CPE

cpe start end
Configuration 1
cpe:2.3:a:xscreensaver:xscreensaver:4.05_5cl:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_6:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_6a:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.05_150:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.07_2:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.08_29135cl:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.09_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_4:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_6:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_8:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.10_15:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.11_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.12_58:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.12_62:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_0:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_2:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_4:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14_5:*:*:*:*:*:*:*


REMEDIATION




EXPLOITS


Exploit-db.com

id description date
No known exploits

Other (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry


MITRE