Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1139

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1139
Last Modified 05 Sep 2008 04:36:08
Published 27 Oct 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1139

Summary

Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.

Vulnerable Systems

Application

  • Musicqueue 1.2


References

XF - musicqueue-tmpfile-symlink(13520)

BID - 8899

BUGTRAQ - 20031027 Musicqueue multiple local vulnerabilities

SECTRACK - 1008014

SECUNIA - 10104


Last Updated: 27 May 2016 10:38:14