CVE-2009-1214

CWE-264 | 7 documents | 7 sources
Severity
4.9 MEDIUM
EPSS
0.1%
top 75.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Apr 1
Latest update: May 2

Description

GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.

CVSS vector

AV:L/AC:L/C:C/I:N/A:N
Exploitability: 3.9 | Impact: 6.9

Affected Packages (2 packages)

Debian: screen < 4.0.3-13+3
NVD: gnu/screen 4.0.3

🔴 Vulnerability Details (3)

GHSA
GHSA-vfr3-f488-rjr4: GNU screen 4 (2022-05-02)
OSV
CVE-2009-1214: GNU screen 4 (2009-04-01)
CVEList
CVE-2009-1214: GNU screen 4 (2009-04-01)

📋 Vendor Advisories (2)

Red Hat
screen: Unsafe usage of temporary file (2009-01-11)
Debian
CVE-2009-1214: screen - GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-read... (2009)

💬 Community (1)

Bugzilla
CVE-2009-1214 CVE-2009-1215 screen: Unsafe usage of temporary file (2009-03-25)