Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0603

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2003-0603
Last Modified 05 Sep 2008 04:34:45
Published 27 Aug 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0603

Summary

Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.

Vulnerable Systems

Application

  • Mozilla Bugzilla 2.10

  • Mozilla Bugzilla 2.12

  • Mozilla Bugzilla 2.14

  • Mozilla Bugzilla 2.14.1

  • Mozilla Bugzilla 2.14.2

  • Mozilla Bugzilla 2.14.3

  • Mozilla Bugzilla 2.14.4

  • Mozilla Bugzilla 2.14.5

  • Mozilla Bugzilla 2.16

  • Mozilla Bugzilla 2.16.1

  • Mozilla Bugzilla 2.16.2

  • Mozilla Bugzilla 2.17

  • Mozilla Bugzilla 2.17.1

  • Mozilla Bugzilla 2.17.3


References

BID - 7412

CONFIRM - http://www.bugzilla.org/security/2.16.2/

CONECTIVA - CLA-2003:653


Last Updated: 27 May 2016 10:37:58