CVE-2003-1294

Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.

Date published : 2006-02-27

http://www.securityfocus.com/bid/9125

http://support.avaya.com/elmodocs2/security/ASA-2006-107.htm