Lucene search

[email protected]NVD:CVE-2012-0054

HistoryMar 19, 2012 - 7:55 p.m.

CVE-2012-0054

2012-03-1919:55:01

CWE-59

[email protected]

web.nvd.nist.gov

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat.

Affected configurations

Nvd

Node

golismerogolismeroMatch0.6.3

VendorProductVersionCPE
golismerogolismero0.6.3cpe:2.3:a:golismero:golismero:0.6.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
golismero	golismero	0.6.3	cpe:2.3:a:golismero:golismero:0.6.3:::::::*

References

code.google.com/p/golismero/source/detail?r=2b3bb43d68676efd687361f7de29380189031ab8

www.openwall.com/lists/oss-security/2012/01/17/10

www.openwall.com/lists/oss-security/2012/01/17/7

www.osvdb.org/78472

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2012-0054

cvelist1 prion1 cve1