CVE-2005-2944

2005-09-1604:00:00

mitre

www.cve.org

symlink attack

arbitrary file overwrite

local users

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file.

References

bugs.gentoo.org/show_bug.cgi?id=104566

secunia.com/advisories/16833

www.zataz.net/adviso/gwcc-09052005.txt