Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-5660
HistoryMar 12, 2013 - 11:55 p.m.

CVE-2012-5660

2013-03-1223:55:01
CWE-362
CWE-264
[email protected]
web.nvd.nist.gov
28
cve-2012-5660
abrt
automatic bug reporting tool
symlink attack
world-writable permissions
crash information
privilege escalation
nvd

6.1 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on “the directories used to store information about crashes.”

Affected configurations

NVD
Node
redhatautomatic_bug_reporting_toolRange2.0.9
OR
redhatautomatic_bug_reporting_toolMatch2.0.0
OR
redhatautomatic_bug_reporting_toolMatch2.0.1
OR
redhatautomatic_bug_reporting_toolMatch2.0.2
OR
redhatautomatic_bug_reporting_toolMatch2.0.3
OR
redhatautomatic_bug_reporting_toolMatch2.0.4
OR
redhatautomatic_bug_reporting_toolMatch2.0.4.980
OR
redhatautomatic_bug_reporting_toolMatch2.0.4.981
OR
redhatautomatic_bug_reporting_toolMatch2.0.5
OR
redhatautomatic_bug_reporting_toolMatch2.0.6
OR
redhatautomatic_bug_reporting_toolMatch2.0.7
OR
redhatautomatic_bug_reporting_toolMatch2.0.8
CPENameOperatorVersion
redhat:automatic_bug_reporting_toolredhat automatic bug reporting toolle2.0.9
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.0
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.1
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.2
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.3
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.4
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.4.980
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.4.981
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.5
redhat:automatic_bug_reporting_toolredhat automatic bug reporting tooleq2.0.6
Rows per page:
1-10 of 121

Related

prion 1
cvelist 1
nvd 1
centos 1
openvas 7
nessus 4
oraclelinux 1
veracode 1
redhat 1
prion
prion
Code injection
2013-03-12 23:55:00
cvelist
cvelist
CVE-2012-5660
2013-03-12 22:00:00
nvd
nvd
CVE-2012-5660
2013-03-12 23:55:01
centos
centos
abrt, libreport security update
2013-02-01 00:54:46
openvas
openvas
RedHat Update for abrt and libreport RHSA-2013:0215-01
2013-02-04 00:00:00
CentOS Update for abrt CESA-2013:0215 centos6
2013-02-04 00:00:00
CentOS Update for libreport CESA-2013:0215 centos6
2013-02-04 00:00:00
nessus
nessus
CentOS 6 : abrt / libreport (CESA-2013:0215)
2013-02-01 00:00:00
RHEL 6 : abrt and libreport (RHSA-2013:0215)
2013-02-01 00:00:00
Oracle Linux 6 : abrt / libreport (ELSA-2013-0215)
2013-07-12 00:00:00
oraclelinux
oraclelinux
abrt and libreport security update
2013-01-31 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:52:18
redhat
redhat
(RHSA-2013:0215) Important: abrt and libreport security update
2013-01-31 00:00:00

6.1 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for CVE-2012-5660
prion1cvelist1nvd1centos1openvas7nessus4oraclelinux1veracode1redhat1