Lucene search

[email protected]CVE-1999-1210

HistoryNov 12, 1997 - 5:00 a.m.

CVE-1999-1210

1997-11-1205:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1210

digital unix 4.0b

xterm

vulnerability

local users

overwrite files

symlink attack.

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.2%

JSON

xterm in Digital UNIX 4.0B with patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.

CPENameOperatorVersion
digital:unixdigital unixeq4.0b

CPE	Name	Operator	Version
digital:unix	digital unix	eq	4.0b

References

marc.info/?l=bugtraq&m=87936891504885&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/613

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.2%

JSON