High severity7.1NVD Advisory· Published Nov 17, 2003· Updated Jun 16, 2026
CVE-2003-0844
CVE-2003-0844
Description
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
Affected products
2Patches
Vulnerability mechanics
References
1- marc.infonvdMailing List
News mentions
0No linked articles in our index yet.