CVE-2003-0603 Information

Description

Bugzilla 2.16.x before 2.16.3 2.17.x before 2.17.4 and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.

Reference

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000653 http://www.bugzilla.org/security/2.16.2/ http://www.securityfocus.com/bid/7412