CVE-1999-1332
published 1999-12-31CVE-1999-1332: gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
low2.1CVSS 3.1
AVLACLAuNCNIPAN
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gzip | < gzip 1.3.5-6 (bookworm) | gzip 1.3.5-6 (bookworm) |
| debian | gzip | — | — |
| gnu | gzip | <= 1.3.3 | — |
| gzip | gzip | >= 0 < 1.3.5-6 | 1.3.5-6 |
| gzip | gzip | >= 0 < 1.3.5-6 | 1.3.5-6 |
| gzip | gzip | >= 0 < 1.3.5-6 | 1.3.5-6 |
| gzip | gzip | >= 0 < 1.3.5-6 | 1.3.5-6 |
| redhat | linux | <= 5.0 | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv2.1LOW