Lucene search
HistoryAug 18, 2003 - 4:00 a.m.
CVE-2003-0440
cve-2003-0440
semi mime library
wemi
local users
symlink attack
file overwrite
nvd
6.2 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| semi:semi | semi | eq | 1.14.3 |
| debian:debian_linux | debian debian linux | eq | 3.0 |
Related
openvas
openvas
Debian Security Advisory DSA 339-1 (semi, wemi)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-339)
2008-01-17 00:00:00
Debian Security Advisory DSA 337-1 (semi, wemi)
2008-01-17 00:00:00
nessus
nessus
RHEL 2.1 : semi (RHSA-2003:231)
2004-07-06 00:00:00
Debian DSA-339-1 : semi - insecure temporary file
2004-09-29 00:00:00
redhat
redhat
(RHSA-2003:231) semi security update
2003-10-02 00:00:00
debian
debian
osv
osv
semi - insecure temporary file
2003-07-06 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2003-0440
2003-07-10 04:00:00
debiancve
debiancve
CVE-2003-0440
2003-08-18 04:00:00
6.2 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2003-0440