Home > Vulnerability Database > CVE-2004-0966

Mend.io Vulnerability Database

CVE-2004-0966

Date: October 19, 2004

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Severity Score

4.0

Related Resources (12)

Url: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:051

Url: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323

Url: http://www.trustix.org/errata/2004/0050

Url: https://www.ubuntu.com/usn/usn-5-1/

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/17583

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2004-0966

Url: http://marc.info/?l=bugtraq&m=110382652226638&w=2

Url: http://www.securityfocus.com/bid/11282

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-0966

Url: http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00000.html

Url: http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml

Url: https://www.mend.io/vulnerability-database/CVE-2004-0966

Severity Score

4.0

CVSS v3.1

Base Score:	4.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	2.1
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2004-0966

Date: October 19, 2004

Severity Score

Related Resources (12)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?