GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-21
Updated
2016-10-18
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-08-05
Updated
2008-09-09
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-20
Updated
2014-12-31
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
Max CVSS
5.0
EPSS Score
1.22%
Published
1999-01-02
Updated
2022-08-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!