CVE-2004-0372 Information

Description

xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.

Reference

http://marc.info/?l=bugtraq&m=107997911025558&w=2 http://security.gentoo.org/glsa/glsa-200404-20.xml http://www.debian.org/security/2004/dsa-477 http://www.securityfocus.com/bid/9939 https://exchange.xforce.ibmcloud.com/vulnerabilities/15564