CVE-2010-0118
6.1 Medium
AI Score
Confidence
Low
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.
References
lists.fedoraproject.org/pipermail/package-announce/2010-March/036697.html
lists.fedoraproject.org/pipermail/package-announce/2010-March/036701.html
lists.fedoraproject.org/pipermail/package-announce/2010-March/036764.html
secunia.com/advisories/38554
secunia.com/advisories/38814
secunia.com/secunia_research/2010-6/
www.securityfocus.com/archive/1/509685/100/0/threaded
www.securityfocus.com/bid/38353
Related
6.1 Medium
AI Score
Confidence
Low
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%