Lucene search

K
nvd[email protected]NVD:CVE-2012-3504
HistoryOct 10, 2012 - 6:55 p.m.

CVE-2012-3504

2012-10-1018:55:02
CWE-264
web.nvd.nist.gov

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0

Percentile

5.1%

The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 allows local users to overwrite arbitrary files via a symlink attack on the β€œlist” file in the current working directory.

Affected configurations

NVD
Node
fedoraprojectcrypto-utilsMatch2.4.1-34

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0

Percentile

5.1%

Related for NVD:CVE-2012-3504