// For flags

CVE-1999-1168

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 1999-02-20 CVE Published
  • 2001-08-31 CVE Reserved
  • 2023-03-08 EPSS Updated
  • 2024-08-01 CVE Updated
  • 2024-08-01 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (1)
URL Tag Source
URL Date SRC
http://www.securityfocus.com/archive/1/12640 2024-08-01
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Iss
Search vendor "Iss"
 Internet Security Scanner
Search vendor "Iss" for product "Internet Security Scanner"
 5.3
Search vendor "Iss" for product "Internet Security Scanner" and version "5.3"
linux
Affected