CVE-2008-0931

Name of the Vulnerable Software and Affected Versions XWine version 1.0.1

Description The issue concerns a problem with file permissions. Specifically, w export.c in XWine sets insecure permissions (0666) for the /etc/wine/config file. This could potentially allow local users to execute arbitrary commands or cause a denial of service by modifying the file. Additionally, there are multiple vulnerabilities in the XWine package on Debian GNU/Linux that could lead to breaches of confidentiality, integrity, and availability of protected information, exploitable by a local attacker.

Recommendations For XWine version 1.0.1, consider changing the permissions of the /etc/wine/config file to prevent unauthorized access until a patch is available. As a temporary workaround, restrict access to the /etc/wine/config file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.