CVE-2002-1395

Name of the Vulnerable Software and Affected Versions Internet Message versions 141-18 and earlier

Description The issue allows local users to obtain unauthorized directory permissions and overwrite or create arbitrary files. This is due to the use of predictable file and directory names. There is a potential risk of integrity violation of protected information. The exploitation of this issue can be performed locally.

Recommendations For Internet Message versions 141-18 and earlier, consider restricting access to temporary directories used by impwagent and immknmz to minimize the risk of unauthorized directory permissions and arbitrary file creation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.