Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2003-0885

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-0885

2003-12-3105:00:00

Debian Security Bug Tracker

security-tracker.debian.org

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

48.1%

JSON

Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.

OSVersionArchitecturePackageVersionFilename
Debian12allxscreensaver< 4.15xscreensaver_4.15_all.deb
Debian11allxscreensaver< 4.15xscreensaver_4.15_all.deb
Debian10allxscreensaver< 4.15xscreensaver_4.15_all.deb
Debian999allxscreensaver< 4.15xscreensaver_4.15_all.deb
Debian13allxscreensaver< 4.15xscreensaver_4.15_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	xscreensaver	< 4.15	xscreensaver_4.15_all.deb
Debian	11	all	xscreensaver	< 4.15	xscreensaver_4.15_all.deb
Debian	10	all	xscreensaver	< 4.15	xscreensaver_4.15_all.deb
Debian	999	all	xscreensaver	< 4.15	xscreensaver_4.15_all.deb
Debian	13	all	xscreensaver	< 4.15	xscreensaver_4.15_all.deb

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

48.1%

JSON

Related for DEBIANCVE:CVE-2003-0885