CVE-2003-0887

ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.

Published: Dec 31, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0887
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
angus_mackay / ez-ipupdate	3.0.11b7	3.0.11b7.x
angus_mackay / ez-ipupdate	3.0.11b5	3.0.11b5.x

http://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?r1=1.4&r2=1.5
http://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?rev=1.6

Vulnerability Database

289,697

CVE-2003-0887