Lucene search

K
cve[email protected]CVE-2012-3329
HistoryDec 19, 2012 - 11:55 a.m.

CVE-2012-3329

2012-12-1911:55:54
CWE-59
web.nvd.nist.gov
19
ibm
asu
bomc
linux
symlink attack
file overwrite
security vulnerability

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.

Affected configurations

NVD
Node
ibmadvanced_settings_utilityMatch3.62
OR
ibmadvanced_settings_utilityMatch3.70
OR
ibmadvanced_settings_utilityMatch9.21
OR
ibmbootable_media_creatorMatch2.30
OR
ibmbootable_media_creatorMatch3.00
OR
ibmbootable_media_creatorMatch9.21
AND
linuxlinux_kernel

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2012-3329