CVE-2016-5087

Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
alertusalertus_desktop_notification_for_os_x
𝑥
≤ 2.9.30.1700
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/302544
http://www.kb.cert.org/vuls/id/BLUU-A9TJHR
http://www.kb.cert.org/vuls/id/302544
http://www.kb.cert.org/vuls/id/BLUU-A9TJHR