CVE-2006-5297
Last modified
CVE-2006-5297 is a vulnerability of currently unknown severity. Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mutt | Mutt | <= 1.5.12 |
| Mutt | Mutt | 0.95.6 |
| Mutt | Mutt | 1.2.1 |
| Mutt | Mutt | 1.2.5 |
| Mutt | Mutt | 1.2.5.1 |
| Mutt | Mutt | 1.2.5.4 |
| Mutt | Mutt | 1.2.5.5 |
| Mutt | Mutt | 1.2.5.12 |
| Mutt | Mutt | 1.2.5.12_ol |
| Mutt | Mutt | 1.3.12 |
| Mutt | Mutt | 1.3.12.1 |
| Mutt | Mutt | 1.3.16 |
| Mutt | Mutt | 1.3.17 |
| Mutt | Mutt | 1.3.22 |
| Mutt | Mutt | 1.3.24 |
| Mutt | Mutt | 1.3.25 |
| Mutt | Mutt | 1.3.27 |
| Mutt | Mutt | 1.3.28 |
| Mutt | Mutt | 1.4.0 |
| Mutt | Mutt | 1.4.1 |
| Mutt | Mutt | 1.4.2 |
| Mutt | Mutt | 1.4.2.1 |
| Mutt | Mutt | 1.5.3 |
| Mutt | Mutt | 1.5.10 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-5297?
How severe is CVE-2006-5297?
How do I fix CVE-2006-5297?
Are you affected by CVE-2006-5297?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST