CVE-1999-1409
LowExploitation Probability (EPSS)
Elevated risk57th percentile — higher than 57% of all known CVEs
Summary
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Risk Assessment
This vulnerability allows local users to access sensitive information from other files, potentially leading to privacy breaches and data security issues within the organization.
Recommendation
It is recommended to update systems to the latest versions that mitigate this vulnerability and to restrict access to the at program only to trusted users.
Original NVD description (English source)
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

