Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-cyqf-ycjc-wygc
Vulnerability ID VCID-cyqf-ycjc-wygc
Aliases CVE-2004-1377
Summary The fixps and psmandup scripts in the a2ps package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. A vulnerability in a2ps filename handling could also result in arbitrary command execution.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
epss 0.00072 https://api.first.org/data/v1/epss?cve=CVE-2004-1377
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1377.json
https://api.first.org/data/v1/epss?cve=CVE-2004-1377
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1377
286385 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286385
GLSA-200501-02 https://security.gentoo.org/glsa/200501-02
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.21954
EPSS Score 0.00072
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:11.034338+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200501-02 38.0.0