CVE Vulnerabilities

CVE-2003-0603

Published: Aug 27, 2003 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.

Affected Software

Name Vendor Start Version End Version
Bugzilla Mozilla 2.10 (including) 2.10 (including)
Bugzilla Mozilla 2.12 (including) 2.12 (including)
Bugzilla Mozilla 2.14 (including) 2.14 (including)
Bugzilla Mozilla 2.14.1 (including) 2.14.1 (including)
Bugzilla Mozilla 2.14.2 (including) 2.14.2 (including)
Bugzilla Mozilla 2.14.3 (including) 2.14.3 (including)
Bugzilla Mozilla 2.14.4 (including) 2.14.4 (including)
Bugzilla Mozilla 2.14.5 (including) 2.14.5 (including)
Bugzilla Mozilla 2.16 (including) 2.16 (including)
Bugzilla Mozilla 2.16.1 (including) 2.16.1 (including)
Bugzilla Mozilla 2.16.2 (including) 2.16.2 (including)
Bugzilla Mozilla 2.17 (including) 2.17 (including)
Bugzilla Mozilla 2.17.1 (including) 2.17.1 (including)
Bugzilla Mozilla 2.17.3 (including) 2.17.3 (including)

References