Critical severity9.8NVD Advisory· Published Apr 21, 2017· Updated Jun 17, 2026
CVE-2016-3067
CVE-2016-3067
Description
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- cygwin.com/ml/cygwin-announce/2016-02/msg00023.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin-announce/2016-04/msg00020.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin-announce/2016-04/msg00054.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin/2016-02/msg00129.htmlnvdMailing ListRelease NotesVendor Advisory
- sourceware.org/git/nvd
News mentions
0No linked articles in our index yet.