Race condition in Linux mailx command allows local users to read user files.
Max CVSS
3.7
EPSS Score
0.04%
Published
1995-12-01
Updated
2022-08-17
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
Max CVSS
3.7
EPSS Score
0.04%
Published
1996-03-29
Updated
2008-09-09
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
Max CVSS
3.7
EPSS Score
0.04%
Published
1999-01-01
Updated
2022-08-17
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
Max CVSS
3.6
EPSS Score
0.06%
Published
1999-08-03
Updated
2008-09-09
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
Max CVSS
3.6
EPSS Score
0.04%
Published
1999-12-03
Updated
2008-09-09
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
Max CVSS
3.6
EPSS Score
0.04%
Published
1999-12-02
Updated
2008-09-09
The default permissions for Endymion MailMan allow local users to read email or modify files.
Max CVSS
3.6
EPSS Score
0.04%
Published
1999-12-02
Updated
2008-09-09
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
Max CVSS
3.6
EPSS Score
0.29%
Published
1999-11-03
Updated
2008-09-09
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
Max CVSS
3.6
EPSS Score
0.05%
Published
1997-10-08
Updated
2017-12-19
Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration.
Max CVSS
3.6
EPSS Score
0.04%
Published
1999-12-31
Updated
2008-09-05
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.
Max CVSS
3.6
EPSS Score
0.04%
Published
1999-05-15
Updated
2016-10-18
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
Max CVSS
3.6
EPSS Score
0.04%
Published
1998-04-06
Updated
2008-09-05
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
Max CVSS
3.6
EPSS Score
0.06%
Published
1999-11-08
Updated
2016-10-18
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.
Max CVSS
3.5
EPSS Score
0.11%
Published
1999-12-31
Updated
2008-09-05
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
Max CVSS
3.6
EPSS Score
0.04%
Published
2000-01-17
Updated
2008-09-10
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
Max CVSS
3.6
EPSS Score
0.22%
Published
2000-02-01
Updated
2018-10-12
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
Max CVSS
3.6
EPSS Score
0.05%
Published
2000-04-18
Updated
2008-09-10
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
Max CVSS
3.6
EPSS Score
0.05%
Published
2000-05-16
Updated
2008-09-10
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
Max CVSS
3.7
EPSS Score
0.04%
Published
2000-05-10
Updated
2008-09-10
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.
Max CVSS
3.6
EPSS Score
1.24%
Published
2000-02-06
Updated
2017-10-10
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
Max CVSS
3.6
EPSS Score
0.08%
Published
2000-06-01
Updated
2018-10-12
SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.
Max CVSS
3.7
EPSS Score
0.05%
Published
2000-06-21
Updated
2008-09-10
IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.
Max CVSS
3.7
EPSS Score
0.05%
Published
2000-06-21
Updated
2008-09-10
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
Max CVSS
3.6
EPSS Score
0.04%
Published
2000-07-27
Updated
2008-09-10
inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
Max CVSS
3.7
EPSS Score
0.04%
Published
2000-10-20
Updated
2017-10-10
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!