cbcvebase.
CVE-2004-2303
published 2004-12-31

CVE-2004-2303: MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and…

PriorityP410low3.6CVSS 2.0
AVLACLAuNCPIPAN
EXPLOIT
EPSS
0.63%
45.6th percentile
MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files.

Affected

10 ranges
VendorProductVersion rangeFixed in
debianmtools< mtools 3.9.9 (bookworm)mtools 3.9.9 (bookworm)
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat
mtoolsmformat

CVSS provenance

nvdv2.03.6LOWAV:L/AC:L/Au:N/C:P/I:P/A:N
osv3.6LOW
vendor_debian3.6LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.