Symlink Attack Vulnerability in Extcompose of Metamail

Symlink Attack Vulnerability in Extcompose of Metamail

CVE-2004-1808 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.

Learn more about our User Device Pen Test.