Lucene search

[email protected]CVE-2001-1276

HistoryJun 21, 2001 - 4:00 a.m.

CVE-2001-1276

2001-06-2104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ispell

cve-2001-1276

vulnerability

local file overwrite

symlink attack

6.4 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.

CPENameOperatorVersion
itcorp:ispellitcorp ispellle3.1.20

CPE	Name	Operator	Version
itcorp:ispell	itcorp ispell	le	3.1.20

References

download.immunix.org/ImmunixOS/6.2/updates/IMNX-2001-62-004-01

marc.info/?l=bugtraq&m=99317439131174&w=2

www.linux-mandrake.com/en/security/2001/MDKSA-2001-058.php3

www.redhat.com/support/errata/RHSA-2001-074.html

6.4 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2001-1276

nessus1