| ID |
CVE-2003-0539
|
| Summary |
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:ddskk:ddskk:11.6_.rel.0:*:*:*:*:*:*:*
cpe:2.3:a:ddskk:ddskk:11.6_.rel.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:daredevil_skk:11.3.2:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:daredevil_skk:11.3.2:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:daredevil_skk:11.3.5:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:daredevil_skk:11.3.5:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:daredevil_skk:11.6.0-6:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:daredevil_skk:11.6.0-6:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:daredevil_skk:11.6.0-8:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:daredevil_skk:11.6.0-8:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:daredevil_skk:11.6.0-10:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:daredevil_skk:11.6.0-10:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-6:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-6:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-8:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-8:*:noarch:*:*:*:*:*
-
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-10:*:noarch:*:*:*:*:*
cpe:2.3:a:redhat:ddskk-xemacs:11.6.0-10:*:noarch:*:*:*:*:*
-
cpe:2.3:a:skk:skk:10.62a:*:*:*:*:*:*:*
cpe:2.3:a:skk:skk:10.62a:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 4.6 (as of 11-10-2017 - 01:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| oval
via4
|
| accepted | 2007-04-25T19:52:25.291-04:00 | | class | vulnerability | | contributors | | name | Jay Beale | | organization | Bastille Linux |
| name | Jay Beale | | organization | Bastille Linux |
| name | Thomas R. Jones | | organization | Maitreya Security |
| | description | skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. | | family | unix | | id | oval:org.mitre.oval:def:28 | | status | accepted | | submitted | 2003-09-04T12:00:00.000-04:00 | | title | SKK/DDSKK Insecure Temporary File Vulnerability | | version | 38 |
|
| redhat
via4
|
|
| refmap
via4
|
|
| Last major update |
11-10-2017 - 01:29 |
| Published |
18-08-2003 - 04:00 |
| Last modified |
11-10-2017 - 01:29 |
