CVE-2006-5297

N/A Unknown

Published: October 16, 2006 Modified: April 23, 2026

Description

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=mutt-dev&m=115999486426292&w=2

Source: cve@mitre.org

http://secunia.com/advisories/22613

Source: cve@mitre.org

http://secunia.com/advisories/22640

Source: cve@mitre.org

http://secunia.com/advisories/22685

Source: cve@mitre.org

http://secunia.com/advisories/22686

Source: cve@mitre.org

http://secunia.com/advisories/25529

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:190

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2007-0386.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/20733

Source: cve@mitre.org

http://www.trustix.org/errata/2006/0061/

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-373-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4176

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601

Source: cve@mitre.org

http://marc.info/?l=mutt-dev&m=115999486426292&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22613

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22640

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22685

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22686

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/25529

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:190

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2007-0386.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20733

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.trustix.org/errata/2006/0061/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/usn-373-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/4176

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601

Source: af854a3a-2127-422b-91ae-364da2661108

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

Exploitation Status

Not in CISA KEV

Affected Vendors

mutt