Vulnerability Description
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | U2 Universe | <= 10.0.0.9 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.htmlBroken LinkExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=105839150004682&w=2Mailing List
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.htmlBroken LinkExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=105839150004682&w=2Mailing List
FAQ
What is CVE-2003-0578?
CVE-2003-0578 is a vulnerability with a CVSS score of 7.8 (HIGH). cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
How severe is CVE-2003-0578?
CVE-2003-0578 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0578?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm U2 Universe.