CVE-2004-0689

7.1 HIGH

Published: September 28, 2004 Modified: April 16, 2026

Description

KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864

Source: cve@mitre.org

Broken Link

http://marc.info/?l=bugtraq&m=109225538901170&w=2

Source: cve@mitre.org

Mailing List

http://secunia.com/advisories/12276/

Source: cve@mitre.org

Broken Link Patch Vendor Advisory

http://security.gentoo.org/glsa/glsa-200408-13.xml

Source: cve@mitre.org

Third Party Advisory

http://www.debian.org/security/2004/dsa-539

Source: cve@mitre.org

Third Party Advisory

http://www.kde.org/info/security/advisory-20040811-1.txt

Source: cve@mitre.org

Patch Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16963

Source: cve@mitre.org

Third Party Advisory VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334

Source: cve@mitre.org

Broken Link

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864