CVE-2004-1808
published 2004-12-31CVE-2004-1808: Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
PriorityP48low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.33%
24.7th percentile
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| metamail_corporation | metamail | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
CVE-2004-1808: Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attac
vendor_redhat·CVSS 2.1
CVE-2004-1808 [LOW] CVE-2004-1808: Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attac
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
Statement: The Red Hat Security Response Team rated this issue as having low security impact. This issue affected Red Hat Enterprise Linux 2.1 but due to the low severity will not be fixed. metamail was not shipped in Red Hat Enterprise Linux 3, 4, or 5.
GHSA
GHSA-jv8m-525m-hcvp: Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attac
ghsa_unreviewed·2022-04-29
CVE-2004-1808 [LOW] GHSA-jv8m-525m-hcvp: Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attac
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
No detection rules found.
No public exploits indexed.
2004-12-31
Published