CVE-2016-5087

EUVD-2016-6040
Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
alertusalertus_desktop_notification_for_os_x
𝑥
≤ 2.9.30.1700
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/302544
http://www.kb.cert.org/vuls/id/BLUU-A9TJHR
http://www.kb.cert.org/vuls/id/302544
http://www.kb.cert.org/vuls/id/BLUU-A9TJHR