Lucene search

[email protected]CVE-2008-0931

HistoryMar 04, 2008 - 12:44 a.m.

CVE-2008-0931

2008-03-0400:44:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-0931

xwine

debian

linux

insecure permissions

arbitrary commands

denial of service

nvd

7.5 High

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.

CPENameOperatorVersion
xwine:xwinexwineeq1.0.1

CPE	Name	Operator	Version
xwine:xwine	xwine	eq	1.0.1

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=468050

secunia.com/advisories/29125

secunia.com/advisories/29452

www.debian.org/security/2008/dsa-1526

www.securityfocus.com/bid/28369

7.5 High

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-0931

prion1 nessus1 openvas1 debian1 securityvulns2 osv1