Lucene search

[email protected]NVD:CVE-2012-2093

HistoryMay 18, 2012 - 10:55 p.m.

CVE-2012-2093

2012-05-1822:55:02

CWE-59

[email protected]

web.nvd.nist.gov

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

Confidence

Low

EPSS

Percentile

5.1%

JSON

src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.

Affected configurations

Nvd

Node

gajimgajimMatch0.15

References

hg.gajim.org/gajim/rev/f046e4aaf7d4

lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html

secunia.com/advisories/48695

secunia.com/advisories/48794

security.gentoo.org/glsa/glsa-201208-04.xml

www.openwall.com/lists/oss-security/2012/04/10/15

www.openwall.com/lists/oss-security/2012/04/10/6

www.securityfocus.com/bid/53017

exchange.xforce.ibmcloud.com/vulnerabilities/74869

trac.gajim.org/changeset/13759/src/common/latex.py

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2012-2093

openvas12 ubuntucve1 fedora3 nessus5 debiancve1 prion1 cvelist1 cve1 debian2 gentoo1 osv2 securityvulns2