CVE

Id
11041  
CVE No.
CVE-2004-2615  
Status
Candidate  
Description
The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact.  
Phase
Assigned (20051204)  
Votes
None (candidate not yet proposed)  
Comments