1. Home
  2. CVE Database
  3. CVE-2003-1324
MEDIUM · 4.6

CVE-2003-1324

Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the p...

Vulnerability Description

Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Elmme-MailerElm Me\+2.4

References

FAQ

What is CVE-2003-1324?

CVE-2003-1324 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the p...

How severe is CVE-2003-1324?

CVE-2003-1324 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-1324?

Check the references section above for vendor advisories and patch information. Affected products include: Elmme-Mailer Elm Me\+.