CVE-2006-5297

2006-10-1619:07:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

1.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

EPSS

Percentile

10.1%

JSON

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

OSVersionArchitecturePackageVersionFilename
Debian12allmutt< 1.5.13-1.1mutt_1.5.13-1.1_all.deb
Debian11allmutt< 1.5.13-1.1mutt_1.5.13-1.1_all.deb
Debian999allmutt< 1.5.13-1.1mutt_1.5.13-1.1_all.deb
Debian13allmutt< 1.5.13-1.1mutt_1.5.13-1.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	mutt	< 1.5.13-1.1	mutt_1.5.13-1.1_all.deb
Debian	11	all	mutt	< 1.5.13-1.1	mutt_1.5.13-1.1_all.deb
Debian	999	all	mutt	< 1.5.13-1.1	mutt_1.5.13-1.1_all.deb
Debian	13	all	mutt	< 1.5.13-1.1	mutt_1.5.13-1.1_all.deb