CVE Vulnerabilities

CVE-2003-1399

Published: Dec 31, 2003 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
1.9 LOW
AV:L/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information.

Affected Software

Name Vendor Start Version End Version
Eject Eject 2.0.10 2.0.10
Eject Eject 2.0.11 2.0.11
Eject Eject 2.0.12 2.0.12

References