What is the severity of CVE-2004-0372?

CVE-2004-0372 is considered a moderate severity vulnerability due to the potential for local users to overwrite arbitrary files.

How can I fix CVE-2004-0372?

To fix CVE-2004-0372, users should upgrade to a patched version of the xine media player that addresses this vulnerability.

What types of systems are affected by CVE-2004-0372?

CVE-2004-0372 affects various versions of xine, specifically versions from 0.9.13 to 1_beta12.

What is the cause of CVE-2004-0372?

CVE-2004-0372 is caused by a symlink attack that allows local users to exploit bug report emails generated by xine scripts.

Is CVE-2004-0372 a remote or local vulnerability?

CVE-2004-0372 is a local vulnerability, meaning it can only be exploited by users with local access to the system.

Vulnerability/
CVE-2004-0372

low

2.1

CWE

NVD-CWE-Other

27/3/2004

8/8/2024

CVE-2004-0372

First published: Sat Mar 27 2004(Updated: )

xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
xine	=1_beta9
xine	=1_beta3
xine	=1_rc0a
xine	=1_beta4
xine	=1_rc3b
xine	=1_beta2
xine	=1_rc3a
xine	=1_rc2
xine	=1_beta10
xine	=1_beta12
xine	=1_beta11
xine	=1_beta7
xine	=1_beta8
xine	=0.9.13
xine	=1_rc1
xine	=1_beta6
xine	=1_beta1
xine	=1_rc3
xine	=1_beta5

Remedy

http://www.debian.org/security/2004/dsa-477

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0372?
CVE-2004-0372 is considered a moderate severity vulnerability due to the potential for local users to overwrite arbitrary files.
How can I fix CVE-2004-0372?
To fix CVE-2004-0372, users should upgrade to a patched version of the xine media player that addresses this vulnerability.
What types of systems are affected by CVE-2004-0372?
CVE-2004-0372 affects various versions of xine, specifically versions from 0.9.13 to 1_beta12.
What is the cause of CVE-2004-0372?
CVE-2004-0372 is caused by a symlink attack that allows local users to exploit bug report emails generated by xine scripts.
Is CVE-2004-0372 a remote or local vulnerability?
CVE-2004-0372 is a local vulnerability, meaning it can only be exploited by users with local access to the system.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/author
agent/remedy
agent/references
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/xine
canonical/xine
version/xine/1_beta9
version/xine/1_beta3
version/xine/1_rc0a
version/xine/1_beta4
version/xine/1_rc3b
version/xine/1_beta2
version/xine/1_rc3a
version/xine/1_rc2
version/xine/1_beta10
version/xine/1_beta12
version/xine/1_beta11
version/xine/1_beta7
version/xine/1_beta8
version/xine/0.9.13
version/xine/1_rc1
version/xine/1_beta6
version/xine/1_beta1
version/xine/1_rc3
version/xine/1_beta5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.