CVE-1999-1187

3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 77.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
University OF Washington PineFreebsd FreebsdSlackware Slackware Linux
Timeline
PublishedAug 26
Latest updateApr 30

Description

Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

Also affects: Freebsd 2.1.0

🔴Vulnerability Details

2
GHSA
GHSA-rvv4-ghr7-fw82: Pine before version 32022-04-30
CVEList
CVE-1999-1187: Pine before version 32001-09-12