The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-10-16T19:00:00
Updated: 2024-08-07T19:48:28.687Z
Reserved: 2006-10-16T00:00:00
Link: CVE-2006-5298
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-10-16T19:07:00.000
Modified: 2016-10-18T03:41:21.207
Link: CVE-2006-5298
Redhat
No data.