CVE-1999-1173 in WordPerfectinfo

Summary

by MITRE

Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/17/2026

This vulnerability exists in Corel Word Perfect 8 for Linux where the application creates a temporary working directory with world-writable permissions during its execution. The flaw stems from improper privilege management and directory creation practices within the software's initialization process. When Word Perfect launches, it generates a temporary directory that is accessible and modifiable by all local users on the system, creating a significant security risk that can be exploited by malicious actors with local access.

The technical implementation of this vulnerability allows for two distinct attack vectors that leverage the world-writable permissions of the temporary directory. The first vector enables local users to modify the application's behavior by placing malicious files within the working directory, potentially altering how Word Perfect processes documents or executes commands. The second and more severe vector involves symlink attacks where an attacker can create symbolic links within the temporary directory that point to sensitive files owned by other users, allowing unauthorized modification of those files. This represents a classic privilege escalation scenario where a less-privileged user can gain access to files they normally shouldn't be able to modify.

The operational impact of this vulnerability extends beyond simple file modification capabilities and represents a fundamental security flaw that undermines the integrity of the system's file permissions model. Local users can effectively bypass normal access controls and potentially compromise the confidentiality and integrity of other users' data. This vulnerability is particularly dangerous in multi-user environments where users may have different privilege levels and security requirements. The attack surface is broad since any user with local access can exploit this weakness, making it a significant concern for system administrators managing shared computing environments.

From a cybersecurity perspective, this vulnerability maps directly to CWE-732: Insufficient Permission Management and CWE-377: Insecure Temporary File Creation, both of which are categorized under weak privilege management and insecure file handling practices. The attack pattern aligns with ATT&CK technique T1068: Exploitation for Privilege Escalation and T1059: Command and Scripting Interpreter, as attackers can leverage the compromised temporary directory to execute malicious code or modify system behavior. The vulnerability demonstrates poor security hygiene in application design and highlights the importance of proper file permission management and secure temporary file handling practices.

The recommended mitigations for this vulnerability include immediate patching of the Word Perfect application to correct the directory creation permissions, implementing proper privilege separation during temporary directory creation, and ensuring that temporary directories are created with restrictive permissions that only allow the application process to modify them. System administrators should also consider implementing additional monitoring for unauthorized modifications to temporary directories and applying principle of least privilege concepts to limit the impact of such vulnerabilities. Long-term solutions should involve comprehensive security testing of applications during development phases, including proper permission management and secure temporary file handling practices to prevent similar issues from occurring in the future.

Sources

Want to know what is going to be exploited?

We predict KEV entries!