Moole Vulnerability Database

Find real vulnerabilities before they ship

High

CVE-2004-0689

KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.

VectorLOCAL

PublishedSep 28, 2004, 04:00

Published Bycve@mitre.org

Base Score

Score7.1

Affected Versions

No affected versions found.

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
http://marc.info/?l=bugtraq&m=109225538901170&w=2
http://secunia.com/advisories/12276/
http://security.gentoo.org/glsa/glsa-200408-13.xml
http://www.debian.org/security/2004/dsa-539
http://www.kde.org/info/security/advisory-20040811-1.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16963
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334

Weakness Type

CWE-59

CVSS Metrics

Base Score

7.1

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Base SeverityHigh

Version

3.1

Attack Vector (AV)

LOCAL