CVE-1999-1439

CVSS 2.0 Score 2.1 of 10 (low)

Details

Published Jan 2, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1439 is a vulnerability affecting the GNU Compiler Collection (gcc) version 2.7.2. This issue grants local users the ability to overwrite arbitrary files by exploiting a symlink (symbolic link) vulnerability on temporary .i, .s, or .o files. By crafting a malicious symlink, an attacker can manipulate the compiler to write data to a file of their choosing, resulting in potential data corruption or unauthorized file modification. This vulnerability emphasizes the importance of proper file permissions and input validation in software development to mitigate such risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXYQ
https://www.cve.org/CVERecord?id=CVE-1999-1439
https://nvd.nist.gov/vuln/detail/CVE-1999-1439

Back to Vulnerability Database

CVE-1999-1439

CVSS 2.0 Score 2.1 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations