Lucene search
HistoryJan 14, 2011 - 11:00 p.m.
CVE-2010-4337
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
5.1%
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.
Affected configurations
Node
gnugnashMatch0.8.8
Related
nessus
nessus
Fedora 13 : gnash-0.8.9-1.fc13 (2011-3662)
2011-03-28 00:00:00
Fedora 15 : gnash-0.8.9-0.1.20110312git.fc15 (2011-3261)
2011-03-18 00:00:00
Fedora 14 : gnash-0.8.9-1.fc14 (2011-3658)
2011-03-28 00:00:00
openvas
openvas
Fedora Update for gnash FEDORA-2011-3662
2011-04-01 00:00:00
Fedora Update for gnash FEDORA-2011-3658
2011-04-01 00:00:00
Fedora Update for gnash FEDORA-2011-3662
2011-04-01 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: gnash-0.8.9-1.fc13
2011-03-27 19:35:31
[SECURITY] Fedora 14 Update: gnash-0.8.9-1.fc14
2011-03-27 19:28:00
[SECURITY] Fedora 15 Update: gnash-0.8.9-0.1.20110312git.fc15
2011-03-18 03:59:58
debiancve
debiancve
CVE-2010-4337
2011-01-14 23:00:00
prion
prion
Code injection
2011-01-14 23:00:00
cvelist
cvelist
CVE-2010-4337
2011-01-14 22:00:00
cve
cve
CVE-2010-4337
2011-01-14 23:00:47
ubuntucve
ubuntucve
CVE-2010-4337
2011-01-14 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2435-1] gnash security update
2012-03-26 00:00:00
gnash multiple security vulnerabilities
2012-03-26 00:00:00
debian
debian
[SECURITY] [DSA 2435-1] gnash security update
2012-03-19 23:05:34
osv
osv
gnash - several
2012-03-19 00:00:00
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2010-4337