File Overwrite Vulnerability in gzip by GNU
CVE-2004-0970
Currently unrated
Summary
The gzip package, utilized by various applications, exhibits a vulnerability in its gzexe, zdiff, and znew scripts, which allows local users to conduct a symlink attack on temporary files. This exploit can lead to unauthorized file overwrites, potentially compromising system integrity and user data. Efforts should be taken to mitigate the risks associated with this vulnerability.
References
Timeline
Vulnerability published
Vulnerability Reserved