Lucene search

MitreCVE-2001-1085

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2001-1085

2002-06-2504:00:00

mitre

web.nvd.nist.gov

cve-2001-1085

lmail 2.7

security vulnerability

symlink attack

temporary file

overwrite files

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

Percentile

0.4%

JSON

Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Affected configurations

Nvd

Node

jon_zeefflmailMatch2.7

VendorProductVersionCPE
jon_zeefflmail2.7cpe:2.3:a:jon_zeeff:lmail:2.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jon_zeeff	lmail	2.7	cpe:2.3:a:jon_zeeff:lmail:2.7:::::::*

References

www.securityfocus.com/archive/1/195022

www.securityfocus.com/bid/2984

exchange.xforce.ibmcloud.com/vulnerabilities/6809

CVSS2

3.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for CVE-2001-1085