CVE Vulnerabilities

CVE-2019-18862

Published: Nov 11, 2019 | Modified: Aug 24, 2020
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.

Affected Software

Name Vendor Start Version End Version
Mailutils Gnu * 3.8 (excluding)
Mailutils Ubuntu bionic *
Mailutils Ubuntu devel *
Mailutils Ubuntu disco *
Mailutils Ubuntu eoan *
Mailutils Ubuntu esm-apps/bionic *
Mailutils Ubuntu esm-apps/focal *
Mailutils Ubuntu esm-apps/jammy *
Mailutils Ubuntu esm-apps/noble *
Mailutils Ubuntu esm-apps/xenial *
Mailutils Ubuntu focal *
Mailutils Ubuntu groovy *
Mailutils Ubuntu hirsute *
Mailutils Ubuntu impish *
Mailutils Ubuntu jammy *
Mailutils Ubuntu kinetic *
Mailutils Ubuntu lunar *
Mailutils Ubuntu mantic *
Mailutils Ubuntu noble *
Mailutils Ubuntu trusty *
Mailutils Ubuntu trusty/esm *
Mailutils Ubuntu xenial *

References