Lucene search

[email protected]CVE-1999-0988

HistoryDec 04, 1999 - 5:00 a.m.

CVE-1999-0988

1999-12-0405:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

unixware

pkgtrans

symlink attack

local users

nvd

cve-1999-0988

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.

CPENameOperatorVersion
sco:unixwaresco unixwareeq2.0.3
sco:unixwaresco unixwareeq7.1
sco:unixwaresco unixwareeq7.1.16
sco:unixwaresco unixwareeq2.1
sco:unixwaresco unixwareeq7.1.1
sco:unixwaresco unixwareeq7.0
sco:unixwaresco unixwareeq2.0
sco:unixwaresco unixwareeq7.0.1

CPE	Name	Operator	Version
sco:unixware	sco unixware	eq	2.0.3
sco:unixware	sco unixware	eq	7.1
sco:unixware	sco unixware	eq	7.1.16
sco:unixware	sco unixware	eq	2.1
sco:unixware	sco unixware	eq	7.1.1
sco:unixware	sco unixware	eq	7.0
sco:unixware	sco unixware	eq	2.0
sco:unixware	sco unixware	eq	7.0.1

References

exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0988

7 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON