CVE Catalog

CVE-1999-1173

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.52%

71th percentile — higher than 71% of all known CVEs

Summary

Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, allowing local users to modify Word Perfect behavior by editing files in the working directory or to modify other users' files via a symlink attack.

Risk Assessment

The risk is that local users can make unauthorized changes to the application's behavior and to other users' files, potentially leading to data loss or privacy breaches.

Recommendation

It is recommended to change the permissions of the working directory to prevent write access by all users and to implement additional security measures to minimize the risk of symlink attacks.

Original NVD description (English source)

Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS