CVE-2006-5297

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

Published: Oct 16, 2006
Updated: Nov 9, 2025
CVE: CVE-2006-5297
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.2
AV:L/AC:H/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mutt / mutt	1.3.12.1	1.3.12.1.x
mutt / mutt	1.2.5.5	1.2.5.5.x
mutt / mutt	0.95.6	0.95.6.x
mutt / mutt	1.3.27	1.3.27.x
mutt / mutt	1.4.2.1	1.4.2.1.x
mutt / mutt	1.3.16	1.3.16.x
mutt / mutt	1.2.5	1.2.5.x
mutt / mutt	1.3.25	1.3.25.x
mutt / mutt	1.4.1	1.4.1.x
mutt / mutt	-	1.5.12.x
mutt / mutt	1.3.22	1.3.22.x
mutt / mutt	1.2.5.12	1.2.5.12.x
mutt / mutt	1.2.5.1	1.2.5.1.x
mutt / mutt	1.2.5.4	1.2.5.4.x
mutt / mutt	1.3.28	1.3.28.x
mutt / mutt	1.3.24	1.3.24.x
mutt / mutt	1.4.0	1.4.0.x
mutt / mutt	1.2.1	1.2.1.x
mutt / mutt	1.4.2	1.4.2.x
mutt / mutt	1.3.17	1.3.17.x
mutt / mutt	1.5.3	1.5.3.x
mutt / mutt	1.2.5.12_ol	1.2.5.12_ol.x
mutt / mutt	1.3.12	1.3.12.x
mutt / mutt	1.5.10	1.5.10.x

Vulnerability Database

313,825

CVE-2006-5297

Deep Security Visibility Without the Complexity