CVE-1999-1210

3 documents3 sources

Severity

7.2HIGH

EPSS

0.0%

top 88.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Digital Unix

Timeline

PublishedNov 12

Latest updateApr 30

Description

xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDdigital/unix4.0b

🔴Vulnerability Details

GHSA

GHSA-rx4w-gvh4-qffg: xterm in Digital UNIX 4↗2022-04-30

▶

CVEList

CVE-1999-1210: xterm in Digital UNIX 4↗2001-09-12

▶