Lucene search

[email protected]CVE-1999-1038

HistoryJun 26, 1998 - 4:00 a.m.

CVE-1999-1038

1998-06-2604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

tiger 2.2.3

cve-1999-1038

local users

overwrite arbitrary files

symlink attack

workdir variable.

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger’s default working directory, as defined by the WORKDIR variable.

CPENameOperatorVersion
tamu:tigertamu tigereq2.2.3

CPE	Name	Operator	Version
tamu:tiger	tamu tiger	eq	2.2.3

References

marc.info/?l=bugtraq&m=90221103125976&w=2

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON