CVE-2003-1294

EPSS 0.10%

Published: 12/31/2003Modified: 4/28/2026

Also known as:DEBIAN-CVE-2003-1294

Description

Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.

Affected packages (1)

Debian/xscreensaverfrom 0, < 4.15-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-1294