Lucene search

K
cveRedhatCVE-2012-3386
HistoryAug 07, 2012 - 9:55 p.m.

CVE-2012-3386

2012-08-0721:55:01
CWE-264
CWE-362
redhat
web.nvd.nist.gov
52
gnu automake
cve-2012-3386
security vulnerability
code execution

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0

Percentile

5.1%

The “make distcheck” rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd
Node
gnuautomakeRange1.11.5
OR
gnuautomakeMatch1.0
OR
gnuautomakeMatch1.2
OR
gnuautomakeMatch1.3
OR
gnuautomakeMatch1.4
OR
gnuautomakeMatch1.4p1
OR
gnuautomakeMatch1.4p2
OR
gnuautomakeMatch1.4p3
OR
gnuautomakeMatch1.4p4
OR
gnuautomakeMatch1.4p5
OR
gnuautomakeMatch1.4p6
OR
gnuautomakeMatch1.5
OR
gnuautomakeMatch1.6
OR
gnuautomakeMatch1.6.1
OR
gnuautomakeMatch1.6.2
OR
gnuautomakeMatch1.6.3
OR
gnuautomakeMatch1.7
OR
gnuautomakeMatch1.7.1
OR
gnuautomakeMatch1.7.2
OR
gnuautomakeMatch1.7.3
OR
gnuautomakeMatch1.7.4
OR
gnuautomakeMatch1.7.5
OR
gnuautomakeMatch1.7.6
OR
gnuautomakeMatch1.7.7
OR
gnuautomakeMatch1.7.8
OR
gnuautomakeMatch1.7.9
OR
gnuautomakeMatch1.8
OR
gnuautomakeMatch1.8.1
OR
gnuautomakeMatch1.8.2
OR
gnuautomakeMatch1.8.3
OR
gnuautomakeMatch1.8.4
OR
gnuautomakeMatch1.8.5
OR
gnuautomakeMatch1.9
OR
gnuautomakeMatch1.9.1
OR
gnuautomakeMatch1.9.2
OR
gnuautomakeMatch1.9.3
OR
gnuautomakeMatch1.9.4
OR
gnuautomakeMatch1.9.5
OR
gnuautomakeMatch1.9.6
OR
gnuautomakeMatch1.10
OR
gnuautomakeMatch1.10.0.3
OR
gnuautomakeMatch1.10.1
OR
gnuautomakeMatch1.10.2
OR
gnuautomakeMatch1.10.3
OR
gnuautomakeMatch1.11.1
OR
gnuautomakeMatch1.11.2
OR
gnuautomakeMatch1.11.3
OR
gnuautomakeMatch1.11.4
OR
gnuautomakeMatch1.12
OR
gnuautomakeMatch1.12.1
VendorProductVersionCPE
gnuautomake1.7.4cpe:/a:gnu:automake:1.7.4:::
gnuautomake1.7.1cpe:/a:gnu:automake:1.7.1:::
gnuautomake1.7.7cpe:/a:gnu:automake:1.7.7:::
gnuautomake1.4cpe:/a:gnu:automake:1.4:p4::
gnuautomake1.8.5cpe:/a:gnu:automake:1.8.5:::
gnuautomake1.8.1cpe:/a:gnu:automake:1.8.1:::
gnuautomake1.9.5cpe:/a:gnu:automake:1.9.5:::
gnuautomake1.8.4cpe:/a:gnu:automake:1.8.4:::
gnuautomake1.11.4cpe:/a:gnu:automake:1.11.4:::
gnuautomake1.9cpe:/a:gnu:automake:1.9:::
Rows per page:
1-10 of 501

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0

Percentile

5.1%