PT-2003-1913 · Suse · Javarunt+1

Stefan Nordhausen

Published

2003-10-09

Updated

2016-10-18

CVE-2003-0846

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SuSE Linux version 7.3Pro

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the .java wrapper temporary file, which is created by SuSEconfig.javarunt in the javarunt package.

Recommendations For SuSE Linux version 7.3Pro, consider restricting access to the javarunt package to minimize the risk of exploitation. As a temporary workaround, avoid using SuSEconfig.javarunt until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0846

Affected Products

Suse Linux

Javarunt

PT-2003-1913 · Suse · Javarunt+1

CVE-2003-0846

Related Identifiers

Affected Products

References · 3