CVE-2004-0770

romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.

Published: Jan 10, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-0770
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
dgen / emulator	1.17	1.17.x
dgen / emulator	1.16	1.16.x
dgen / emulator	1.21	1.21.x
dgen / emulator	1.15	1.15.x
dgen / emulator	1.20	1.20.x
dgen / emulator	1.23	1.23.x
dgen / emulator	1.22	1.22.x
dgen / emulator	1.18	1.18.x
dgen / emulator	1.20_a	1.20_a.x
debian / debian_linux	3.0	3.0.x

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263282&archive=yes
http://secunia.com/advisories/12214
http://www.securityfocus.com/bid/10855
https://exchange.xforce.ibmcloud.com/vulnerabilities/16884

Vulnerability Database

290,273

CVE-2004-0770