CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1448

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.1%

CVSS Severity

CVSS v2 Score 4.6

References

http://www.kb.cert.org/vuls/id/157795
http://www.securityfocus.com/archive/1/246343
https://exchange.xforce.ibmcloud.com/vulnerabilities/10616
http://www.kb.cert.org/vuls/id/157795
http://www.securityfocus.com/archive/1/246343
https://exchange.xforce.ibmcloud.com/vulnerabilities/10616

Products affected by CVE-2001-1448

Magic » Edeveloper » Version: Any

cpe:2.3:a:magic:edeveloper:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1448

Products

Pricing

Contact Us