CVE-2004-0996

Name of the Vulnerable Software and Affected Versions: cscope versions 15-4 through 15-5

Description: The issue allows local users to overwrite arbitrary files via a symlink attack due to the creation of temporary files with predictable filenames in the main.c file of the affected software.

Recommendations: For cscope versions 15-4 through 15-5, consider updating to a version where this issue is resolved, or as a temporary workaround, restrict access to the temporary file creation functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.