Lucene search

[email protected]NVD:CVE-2004-1778

HistoryDec 22, 2004 - 5:00 a.m.

CVE-2004-1778

2004-12-2205:00:00

CWE-276

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.

Affected configurations

NVD

Node

skypeskypeMatch0.92.0.12

skypeskypeMatch1.0.0.1

References

marc.info/?l=bugtraq&m=110374568916303&w=2

marc.info/?l=bugtraq&m=110868557905786&w=2

www.securityfocus.com/bid/12081

exchange.xforce.ibmcloud.com/vulnerabilities/18644

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2004-1778

cve1 cvelist1