Lucene search

K
cve[email protected]CVE-2001-0067
HistoryFeb 12, 2001 - 5:00 a.m.

CVE-2001-0067

2001-02-1205:00:00
NVD-CWE-Other
web.nvd.nist.gov
27
j-pilot
umask
local attackers
palmos backup
insecure umask
nvd
cve-2001-0067

6.3 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

The installation of J-Pilot creates the .jpilot directory with the user’s umask, which could allow local attackers to read other users’ PalmOS backup information if their umasks are not securely set.

6.3 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

Related for CVE-2001-0067