Vulnerability Details : CVE-2006-0055
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
Products affected by CVE-2006-0055
- cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0055
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0055
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
References for CVE-2006-0055
Jump to