Local File Manipulation Vulnerability in Microsoft Virtual PC for Mac
CVE-2004-0115

Currently unrated

Key Information:

Vendor: Microsoft
Status: Virtual Pc
Vendor: CVE Published:; 3 March 2004

Summary

Microsoft Virtual PC for Mac versions 6.0 through 6.1 contain a vulnerability that allows local attackers to perform a symlink attack on the VPCServices_Log temporary file. By exploiting this flaw, attackers can truncate and overwrite arbitrary files on the system, resulting in potential unauthorized code execution. This vulnerability emphasizes the importance of secure file handling and user privilege management in software applications.

References

http://www.osvdb.org/3893

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/9632

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/15113

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 3, 2004
Vulnerability Reserved
Feb 3, 2004