CVE-1999-1332

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Dec 31, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1332 is a vulnerability affecting the gzexe component in the gzip package of Red Hat Linux version 5.0 and earlier. This issue grants local users the ability to overwrite files of other users by exploiting a symlink attack on a temporary file. By creating a malicious symbolic link, an attacker can manipulate the behavior of gzexe, causing it to write to an unintended file location and potentially leading to data loss or privilege escalation. This vulnerability poses a significant security risk and requires immediate attention from system administrators to apply the available patch or upgrade to a newer, secure version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Red Hat Enterprise Linux

Affected Vendors

  • Red Hat