Lucene search

[email protected]CVE-2005-3331

HistoryOct 27, 2005 - 10:02 a.m.

CVE-2005-3331

2005-10-2710:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3331

viewpatch

mgdiff 1.0

local users

overwrite

arbitrary files

symlink attack

temporary files

nvd

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CPENameOperatorVersion
rogers_software_source:mgdiff_patch_viewerrogers software source mgdiff patch viewereq1.0

CPE	Name	Operator	Version
rogers_software_source:mgdiff_patch_viewer	rogers software source mgdiff patch viewer	eq	1.0

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=335188

secunia.com/advisories/17299

www.securityfocus.com/bid/15180

exchange.xforce.ibmcloud.com/vulnerabilities/22846

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2005-3331

debiancve1