skk Arbitrary Code Execution Vulnerability


skk (Simple Kana to Kanji conversion software) would create an insecure temporary file without taking proper security precautions.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.6 (Medium) [NVD Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products

SKK Openlab
  • SKK priort to version 12.1
Red Hat, Inc.
  • Red Hat Linux 7.1
  • Red Hat Linux 7.2
  • Red Hat Linux 7.3
  • Red Hat Linux 8.0
  • Red Hat Linux 9
  • Red Hat Linux 7.1 for zSeries


An local attacker could overwrite arbitrary files.

Please refer to the 'Vendor Information' section for official remediation and take appropriate action.
Vendor Information

SKK Openlab Red Hat, Inc.
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2003-0539

  1. National Vulnerability Database (NVD) : CVE-2003-0539
  2. SecurityFocus : 8144
Revision History

  • [2008/05/21]
      Web page published