Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-3289HistorySep 22, 2009 - 10:30 a.m.
CVE-2009-3289
2009-09-2210:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14
0.0004 Low
EPSS
Percentile
5.2%
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | glib2.0 | < 2.22.0-1 | glib2.0_2.22.0-1_all.deb |
| Debian | 11 | all | glib2.0 | < 2.22.0-1 | glib2.0_2.22.0-1_all.deb |
| Debian | 10 | all | glib2.0 | < 2.22.0-1 | glib2.0_2.22.0-1_all.deb |
| Debian | 999 | all | glib2.0 | < 2.22.0-1 | glib2.0_2.22.0-1_all.deb |
| Debian | 13 | all | glib2.0 | < 2.22.0-1 | glib2.0_2.22.0-1_all.deb |
Related
seebug
seebug
GNOME glib库g_file_copy函数不安全文件权限设置漏洞
2009-09-23 00:00:00
nessus
nessus
openSUSE Security Update : glib2 (openSUSE-SU-2010:0155-1)
2010-04-27 00:00:00
SuSE 11 Security Update : glib2 (SAT Patch Number 1831)
2010-12-02 00:00:00
openSUSE Security Update : glib2 (openSUSE-SU-2010:0156-1)
2010-04-27 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-841-1)
2009-10-13 00:00:00
Ubuntu USN-841-1 (glib2.0)
2009-10-13 00:00:00
Mandrake Security Advisory MDVSA-2009:245 (glib2.0)
2009-09-28 00:00:00
cve
cve
CVE-2009-3289
2009-09-22 10:30:00
ubuntucve
ubuntucve
CVE-2009-3289
2009-09-22 00:00:00
securityvulns
securityvulns
glib library privilege escalation
2009-09-24 00:00:00
[ MDVSA-2009:245 ] glib2.0
2009-09-24 00:00:00
prion
prion
Directory traversal
2009-09-22 10:30:00
cvelist
cvelist
CVE-2009-3289
2009-09-22 10:00:00
ubuntu
ubuntu
GLib vulnerability
2009-10-05 00:00:00