Lucene search

K
cve[email protected]CVE-2001-0409
HistorySep 18, 2001 - 4:00 a.m.

CVE-2001-0409

2001-09-1804:00:00
web.nvd.nist.gov
27
cve
information security
gvim
symlink attack
local users
file modification
world writable directory

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.

Affected configurations

NVD
Node
vim_development_groupvimMatch5.7

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

Related for CVE-2001-0409