CVE-2004-0968
glibc - insecure temporary files
EPSS 0.07%
Description
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
How to fix CVE-2004-0968
To remediate CVE-2004-0968, upgrade the affected package to a fixed version below.
- Debian/glibc—upgrade to 2.3.2.ds1-19 or later
- Debian/glibc—upgrade to 2.2.5-11.8 or later
Is CVE-2004-0968 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.3.2.ds1-19
- from 0, < 2.2.5-11.8