Vulnerabilities > CVE-2003-1139 - Unspecified vulnerability in Musicqueue 1.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

musicqueue

exploit available

NVD

Published: 2003-10-27

Updated: 2017-07-11

Summary

Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.

Vulnerable Configurations

Part	Description	Count
Application	Musicqueue Musicqueue Musicqueue 1.2	1

Exploit-Db

description	Musicqueue 1.2 SIGSEGV Signal Handler Insecure File Creation Vulnerability. CVE-2003-1139 . Local exploit for linux platform
id	EDB-ID:23297
last seen	2016-02-02
modified	2003-10-27
published	2003-10-27
reporter	dong-h0un U
source	https://www.exploit-db.com/download/23297/
title	Musicqueue 1.2 SIGSEGV Signal Handler Insecure File Creation Vulnerability

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0021.html
http://secunia.com/advisories/10104
http://securitytracker.com/id?1008014
http://www.securityfocus.com/archive/1/342476
http://www.securityfocus.com/bid/8899
https://exchange.xforce.ibmcloud.com/vulnerabilities/13520