CVE-2004-2698

Name of the Vulnerable Software and Affected Versions IMWheel versions 1.0.0pre11 and earlier

Description A race condition issue exists when running with the -k option, allowing local users to cause a denial of service, potentially leading to a crash, and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.

Recommendations For IMWheel versions 1.0.0pre11 and earlier, consider removing the -k option to prevent the race condition until a patch is available. As a temporary workaround, restrict access to the imwheel.pid file to minimize the risk of exploitation.