CVE Catalog

CVE-1999-0475

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

22th percentile — higher than 22% of all known CVEs

Summary

A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.

Risk Assessment

This vulnerability may lead to unauthorized access to sensitive user data, posing a significant security threat to the system.

Recommendation

It is recommended to restrict access to .procmailrc files and update procmail to the latest version to minimize the risk associated with this vulnerability.

Original NVD description (English source)

A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS