Lucene search
HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0377
gaim 0.57
file security
local access
msn email exposure
cve-2002-0377
6.1 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.
Affected configurations
Node
rob_flynngaimMatch0.57
| CPE | Name | Operator | Version |
|---|---|---|---|
| rob_flynn:gaim | rob flynn gaim | eq | 0.57 |
Related
cvelist
cvelist
CVE-2002-0377
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0377
2002-05-29 04:00:00
nessus
nessus
RHEL 2.1 : gaim (RHSA-2002:122)
2004-07-06 00:00:00
6.1 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2002-0377