Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2003-1294

Disclosure Date: December 31, 2003
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • xscreensaver

Products

  • xscreensaver 4.05 150,
  • xscreensaver 4.05 5cl,
  • xscreensaver 4.05 6,
  • xscreensaver 4.05 6a,
  • xscreensaver 4.07 2,
  • xscreensaver 4.08 29135cl,
  • xscreensaver 4.09 0,
  • xscreensaver 4.10 15,
  • xscreensaver 4.10 4,
  • xscreensaver 4.10 6,
  • xscreensaver 4.10 8,
  • xscreensaver 4.11 0,
  • xscreensaver 4.12 58,
  • xscreensaver 4.12 62,
  • xscreensaver 4.14 0,
  • xscreensaver 4.14 2,
  • xscreensaver 4.14 4,
  • xscreensaver 4.14 5
Technical Analysis