Vulnerability Details : CVE-1999-1554
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
Exploit prediction scoring system (EPSS) score for CVE-1999-1554
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-1999-1554
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
References for CVE-1999-1554
-
http://www.iss.net/security_center/static/3164.php
-
http://www.securityfocus.com/bid/13
Patch;Vendor Advisory
-
http://www.cert.org/advisories/CA-1990-08.html
Patch;Third Party Advisory;US Government Resource
Products affected by CVE-1999-1554
- cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*