CVE-2005-1976

CWE-4395 documents5 sources
Severity
1.7LOW
EPSS
0.1%
top 78.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Netmail
Timeline
PublishedDec 31
Latest updateMay 1

Description

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.1 | Impact: 2.9

Affected Packages1 packages

NVDnovell/netmail3.5.2

Patches

Patch: secunia.comPatch: support.novell.comPatch: www.osvdb.org

🔴Vulnerability Details

2
GHSA
GHSA-x683-mvqr-m8gj: Novell NetMail 32022-05-01
CVEList
CVE-2005-1976: Novell NetMail 32006-06-05

💥Exploits & PoCs

1
Exploit-DB
Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities2011-08-09

📐Framework References

1
CWE
Behavioral Change in New Version or Environment
CVE-2005-1976 (LOW CVSS 1.7) | Novell NetMail 3.5.2a | cvebase.io