CVE-2004-2605

2005-11-2902:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=287604

secunia.com/advisories/13679

shellcode.org/pipermail/debian-audit/2004-December/000078.html

www.osvdb.org/12632

www.securityfocus.com/bid/12128

exchange.xforce.ibmcloud.com/vulnerabilities/18698