CVE-2006-5297

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

Published: Oct 16, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-5297
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.2
AV:L/AC:H/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mutt / mutt	1.3.12.1	1.3.12.1.x
mutt / mutt	1.2.5.5	1.2.5.5.x
mutt / mutt	0.95.6	0.95.6.x
mutt / mutt	1.3.27	1.3.27.x
mutt / mutt	1.4.2.1	1.4.2.1.x
mutt / mutt	1.3.16	1.3.16.x
mutt / mutt	1.2.5	1.2.5.x
mutt / mutt	1.3.25	1.3.25.x
mutt / mutt	1.4.1	1.4.1.x
mutt / mutt	-	1.5.12.x
mutt / mutt	1.3.22	1.3.22.x
mutt / mutt	1.2.5.12	1.2.5.12.x
mutt / mutt	1.2.5.1	1.2.5.1.x
mutt / mutt	1.2.5.4	1.2.5.4.x
mutt / mutt	1.3.28	1.3.28.x
mutt / mutt	1.3.24	1.3.24.x
mutt / mutt	1.4.0	1.4.0.x
mutt / mutt	1.2.1	1.2.1.x
mutt / mutt	1.4.2	1.4.2.x
mutt / mutt	1.3.17	1.3.17.x
mutt / mutt	1.5.3	1.5.3.x
mutt / mutt	1.2.5.12_ol	1.2.5.12_ol.x
mutt / mutt	1.3.12	1.3.12.x
mutt / mutt	1.5.10	1.5.10.x

Vulnerability Database

289,697

CVE-2006-5297