CVE-1999-1071
CVSS 2.0 Score 7.2 of 10 (high)
Details
Summary
CVE-1999-1071 is a vulnerability affecting Excite for Web Servers (EWS) version 1.1. The issue arises due to the installation of the Architext.conf authentication file with world-writeable permissions. An attacker can exploit this vulnerability by modifying the file locally, allowing unauthorized access to Excite accounts. This flaw poses a significant risk to system security, as it enables local users to gain unintended access to sensitive information. It is crucial for users to update their EWS installation or apply appropriate file permissions to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Excite Japan Co.,Ltd.