Lucene search

[email protected]CVE-2005-3098

HistorySep 28, 2005 - 11:03 p.m.

CVE-2005-3098

2005-09-2823:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3098

poppassd

qualcomm

qpopper 4.0.8

local users

arbitrary files

privileges

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON

poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.

CPENameOperatorVersion
qualcomm:qpopperqualcomm qpoppereq4.0.8

CPE	Name	Operator	Version
qualcomm:qpopper	qualcomm qpopper	eq	4.0.8

References

seclists.org/lists/fulldisclosure/2005/Sep/0652.html

secunia.com/advisories/16935

www.securityfocus.com/bid/14944

www.vupen.com/english/advisories/2005/1844

6.9 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-3098

ubuntucve1