CVE-2006-5072

2006-10-1004:06:00

Debian Security Bug Tracker

security-tracker.debian.org

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.7%

JSON

The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack.

OSVersionArchitecturePackageVersionFilename
Debian12allmono< 1.1.17.1-5mono_1.1.17.1-5_all.deb
Debian11allmono< 1.1.17.1-5mono_1.1.17.1-5_all.deb
Debian999allmono< 1.1.17.1-5mono_1.1.17.1-5_all.deb
Debian13allmono< 1.1.17.1-5mono_1.1.17.1-5_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	mono	< 1.1.17.1-5	mono_1.1.17.1-5_all.deb
Debian	11	all	mono	< 1.1.17.1-5	mono_1.1.17.1-5_all.deb
Debian	999	all	mono	< 1.1.17.1-5	mono_1.1.17.1-5_all.deb
Debian	13	all	mono	< 1.1.17.1-5	mono_1.1.17.1-5_all.deb