Vulnerability Details CVE-2002-1311
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.5%
CVSS Severity
CVSS v2 Score 4.6
References
- http://marc.info/?l=bugtraq&m=103794021013436&w=2
- http://www.debian.org/security/2002/dsa-197
- http://www.iss.net/security_center/static/10643.php
- http://www.securityfocus.com/bid/6189
- http://marc.info/?l=bugtraq&m=103794021013436&w=2
- http://www.debian.org/security/2002/dsa-197
- http://www.iss.net/security_center/static/10643.php
- http://www.securityfocus.com/bid/6189
Products affected by CVE-2002-1311
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.37.3
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.40