Vulnerability Details CVE-2005-2353
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19941
- http://www.debian.org/security/2006/dsa-1046
- http://www.debian.org/security/2006/dsa-1051
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:173
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
- http://www.securityfocus.com/bid/14443
- https://usn.ubuntu.com/157-1/
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19941
- http://www.debian.org/security/2006/dsa-1046
- http://www.debian.org/security/2006/dsa-1051
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:173
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
- http://www.securityfocus.com/bid/14443
- https://usn.ubuntu.com/157-1/
Products affected by CVE-2005-2353
-
cpe:2.3:a:mozilla:thunderbird:1.5.0.9