Home > Vulnerability Database > CVE-2004-0157

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2004-0157

Date: April 16, 2004

x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.

Severity Score

5.9

Related Resources (10)

Url: http://www.debian.org/security/2004/dsa-484

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/15873

Url: http://shellcode.org/Advisories/XONIX.txt

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-0157

Url: http://www.osvdb.org/5358

Url: http://secunia.com/advisories/11382

Url: http://www.securityfocus.com/bid/10149

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2004-0157

Url: http://securitytracker.com/id?1009789

Url: https://www.mend.io/vulnerability-database/CVE-2004-0157

Severity Score

5.9

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us