Vulnerabilities > CVE-2001-1448 - Unspecified vulnerability in Magic Edeveloper

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

magic

NVD

Published: 2001-12-17

Updated: 2024-11-20

Summary

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.

Vulnerable Configurations

Part	Description	Count
Application	Magic Magic Edeveloper *	1

References

http://www.kb.cert.org/vuls/id/157795
http://www.kb.cert.org/vuls/id/157795
http://www.securityfocus.com/archive/1/246343
http://www.securityfocus.com/archive/1/246343
https://exchange.xforce.ibmcloud.com/vulnerabilities/10616
https://exchange.xforce.ibmcloud.com/vulnerabilities/10616