Critical severity9.8NVD Advisory· Published Apr 21, 2017· Updated May 13, 2026
CVE-2016-3067
CVE-2016-3067
Description
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- cygwin.com/ml/cygwin-announce/2016-02/msg00023.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin-announce/2016-04/msg00020.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin-announce/2016-04/msg00054.htmlnvdMailing ListRelease NotesVendor Advisory
- cygwin.com/ml/cygwin/2016-02/msg00129.htmlnvdMailing ListRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.