Lucene search

[email protected]CVE-2003-1323

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1323

2003-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-1323

elm me+ 2.4

pl109s

local privilege escalation

nvd

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.5%

JSON

Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors.

CPENameOperatorVersion
elm_development_group:elmelm development group elmeq2.4

CPE	Name	Operator	Version
elm_development_group:elm	elm development group elm	eq	2.4

References

www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

24.5%

JSON