Lucene search

[email protected]CVE-1999-0114

HistoryJan 01, 1998 - 5:00 a.m.

CVE-1999-0114

1998-01-0105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-0114

elm elm-2.4

symlink attack

user privilege exploitation

nvd

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Local users can execute commands as other users, and read other users’ files, through the filter command in the Elm elm-2.4 mail package using a symlink attack.

CPENameOperatorVersion
elm_development_group:elmelm development group elmeq2.4

CPE	Name	Operator	Version
elm_development_group:elm	elm development group elm	eq	2.4

References

exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0114

7.8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON