CVE-2010-0825

Опубликовано: 29 мар. 2010

Источник: redhat

CVSS2: 3.3

EPSS Низкий

Описание

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

Отчет

Not vulnerable. This issues does not affect the versions of emacs or xemacs as shipped with Red Hat Enterprise Linux. The movemail utility in Red Hat Enterprise Linux does not have the setgid bit set, which is required for this flaw to be exploitable.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=578267xemacs: Race condition by moving message from user's inbox into user's Rmail file, when movemail setgid enabled

EPSS

Процентиль: 31%

0.00118

Низкий

3.3 Low

CVSS2

Связанные уязвимости

CVE-2010-0825

ubuntu

больше 15 лет назад

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

CVE-2010-0825

nvd

больше 15 лет назад

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

CVE-2010-0825

debian

больше 15 лет назад

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users t ...

GHSA-9x8g-36jg-fvcv

github

больше 3 лет назад

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

EPSS

Процентиль: 31%

0.00118

Низкий

3.3 Low

CVSS2