Lucene search
HistoryJul 03, 2012 - 4:40 p.m.
CVE-2012-1106
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0
Percentile
5.1%
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local users to obtain sensitive information.
Affected configurations
Node
redhatautomatic_bug_reporting_toolRange≤2.0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | automatic_bug_reporting_tool | * | cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-1106
2012-07-03 16:00:00
cve
cve
CVE-2012-1106
2012-07-03 16:40:32
prion
prion
Information disclosure
2012-07-03 16:40:00
openvas
openvas
CentOS Update for abrt CESA-2012:0841 centos6
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-0841)
2015-10-06 00:00:00
nessus
nessus
RHEL 6 : abrt, libreport, btparser, and python-meh (RHSA-2012:0841)
2012-06-20 00:00:00
Oracle Linux 6 : abrt / btparser / libreport / python-meh (ELSA-2012-0841)
2013-07-12 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:41:57
oraclelinux
oraclelinux
abrt, libreport, btparser, and python-meh security and bug fix update
2012-06-27 00:00:00
centos
centos
abrt, btparser, libreport security update
2012-07-10 17:16:48
redhat
redhat
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2012-1106