CVE-1999-1263

Name of the Vulnerable Software and Affected Versions Metamail versions prior to 2.7-7.2

Description The issue allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment. This attachment specifies the full pathname for the file to be modified, which is then processed by uuencode in Metamail scripts, such as sun-audio-file.

Recommendations For Metamail versions prior to 2.7-7.2, update to version 2.7-7.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of uuencode in Metamail scripts to minimize the risk of exploitation.