xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
2004-04-15T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 2.1 (LOW)
AV:L/AC:L/Au:N/C:N/I:P/A:N
3.9
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | xine | xine | 0.9.13 | Yes |
| Application | xine | xine | 1_beta1 | Yes |
| Application | xine | xine | 1_beta2 | Yes |
| Application | xine | xine | 1_beta3 | Yes |
| Application | xine | xine | 1_beta4 | Yes |
| Application | xine | xine | 1_beta5 | Yes |
| Application | xine | xine | 1_beta6 | Yes |
| Application | xine | xine | 1_beta7 | Yes |
| Application | xine | xine | 1_beta8 | Yes |
| Application | xine | xine | 1_beta9 | Yes |
| Application | xine | xine | 1_beta10 | Yes |
| Application | xine | xine | 1_beta11 | Yes |
| Application | xine | xine | 1_beta12 | Yes |
| Application | xine | xine | 1_rc0a | Yes |
| Application | xine | xine | 1_rc1 | Yes |
| Application | xine | xine | 1_rc2 | Yes |
| Application | xine | xine | 1_rc3 | Yes |
| Application | xine | xine | 1_rc3a | Yes |
| Application | xine | xine | 1_rc3b | Yes |