CVE-2006-1231 : CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a s

CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecv_dbgdatafile.sff temporary file.

Published 2006-03-14 19:06:00

Updated 2018-10-18 16:31:33

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-1231

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-1231

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.2	LOW	AV:L/AC:H/Au:N/C:N/I:P/A:N	1.9	2.9	NIST
Access Vector: Local Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2006-1231

http://marc.info/?l=full-disclosure&m=114176689513438&w=2
http://www.securityfocus.com/bid/17034
https://exchange.xforce.ibmcloud.com/vulnerabilities/25262
http://www.securityfocus.com/archive/1/427084/100/0/threaded

Products affected by CVE-2006-1231

Julian Pawlowski » Capi4hylafax » Version: 1.3
cpe:2.3:a:julian_pawlowski:capi4hylafax:1.3:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-1231

Exploit prediction scoring system (EPSS) score for CVE-2006-1231

CVSS scores for CVE-2006-1231

References for CVE-2006-1231

Products affected by CVE-2006-1231