CVE
- Id
- 11041
- CVE No.
- CVE-2004-2615
- Status
- Candidate
- Description
- The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact.
- Phase
- Assigned (20051204)
- Votes
- None (candidate not yet proposed)
- Comments