Vulnerability Details CVE-2006-2221
A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.log temporary file. NOTE: it is possible that this vulnerability is present in other products that use this installer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.2%
CVSS Severity
CVSS v2 Score 2.1
Products affected by CVE-2006-2221
-
cpe:2.3:a:bitrock:install_builder:*
-
cpe:2.3:a:process-one:ejabberd:0.9
-
cpe:2.3:a:process-one:ejabberd:0.9.1
-
cpe:2.3:a:process-one:ejabberd:0.9.8
-
cpe:2.3:a:process-one:ejabberd:1.0.0
-
cpe:2.3:a:process-one:ejabberd:1.1.0
-
cpe:2.3:a:process-one:ejabberd:1.1.1
-
cpe:2.3:a:process-one:ejabberd:1.1.1.0
-
cpe:2.3:a:process-one:ejabberd:1.1.1.1