CVE-2001-0125Exmh vulnerability

3 documents3 sources
Severity
1.2LOWNVD
EPSS
0.1%
top 77.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
ExmhDebian LinuxMandrakesoft Mandrake Linux+1 more
Timeline
PublishedMar 12
Latest updateApr 30

Description

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

CVSS vector

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages3 packages

NVDexmh/exmh2.2
NVDmandrakesoft/mandrake_linux5 versions+4

Also affects: Debian Linux 2.2

Patches

Patch: www.beedub.comPatch: www.linux-mandrake.comPatch: www.beedub.com

🔴Vulnerability Details

2
GHSA
GHSA-xqfx-vw59-w985: exmh 22022-04-30
CVEList
CVE-2001-0125: exmh 22001-05-07