Unrated severityNVD Advisory· Published Apr 15, 2004· Updated Apr 16, 2026
CVE-2004-0372
CVE-2004-0372
Description
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
Affected products
19cpe:2.3:a:xine:xine:0.9.13:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:xine:xine:0.9.13:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta10:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta11:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta12:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta4:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta5:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta6:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta7:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta8:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_beta9:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc0a:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc3a:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc3b:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.debian.org/security/2004/dsa-477nvdPatchVendor Advisory
- www.securityfocus.com/bid/9939nvdVendor Advisory
- marc.infonvd
- security.gentoo.org/glsa/glsa-200404-20.xmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15564nvd
News mentions
0No linked articles in our index yet.