Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
References
Configurations
History
20 Nov 2024, 23:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0914.html - | |
References | () http://imwheel.sourceforge.net/files/DEVELOPMENT.txt - | |
References | () http://secunia.com/advisories/12349 - Vendor Advisory | |
References | () http://securitytracker.com/id?1011049 - | |
References | () http://www.caughq.org/advisories/CAU-2004-0002.txt - | |
References | () http://www.osvdb.org/9111 - | |
References | () http://www.securityfocus.com/bid/11008 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17082 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:54
NVD link : CVE-2004-2698
Mitre link : CVE-2004-2698
CVE.ORG link : CVE-2004-2698
JSON object : View
Products Affected
imwheel
- imwheel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')