Vulnerability Details : CVE-2009-1601
The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory.
Exploit prediction scoring system (EPSS) score for CVE-2009-1601
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-1601
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:L/AC:L/Au:S/C:C/I:C/A:C |
3.1
|
10.0
|
NIST |
CWE ids for CVE-2009-1601
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-1601
Products affected by CVE-2009-1601
- cpe:2.3:o:ubuntu:linux:9.04:*:*:*:*:*:*:*