CVE-2004-0689

high

Description

KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.

References

Advisories
More

https://exchange.xforce.ibmcloud.com/vulnerabilities/16963

http://www.debian.org/security/2004/dsa-539

http://security.gentoo.org/glsa/glsa-200408-13.xml

http://www.kde.org/info/security/advisory-20040811-1.txt

http://marc.info/?l=bugtraq&m=109225538901170&w=2

Details

Source: Mitre, NVD

Published: 2004-09-28

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00029

Detections

Analytics