Unrated severityNVD Advisory· Published Feb 25, 2010· Updated Apr 29, 2026

CVE-2010-0424

Description

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.

Affected products

Fedorahosted/Cronie
cpe:2.3:a:fedorahosted:cronie:*:*:*:*:*:*:*:*
Range: <=1.4.3
Paul Vixie/Vixie Cron
cpe:2.3:a:paul_vixie:vixie_cron:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/38700nvdVendor Advisory
secunia.com/advisories/38741nvdVendor Advisory
lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.htmlnvd
secunia.com/advisories/48104nvd
www.securityfocus.com/bid/38391nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000