5 matches found
Security Bulletin: Multiple vulnerabilities in scala-compiler-2.11.8.jar affect IBM Application Performance Management products
Summary There are multiple vulnerabilities in scala-compiler-2.11.8.jar used by IBM Application Performance Management. IBM Application Performance Management has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-15288 DESCRIPTION: Scala could allow a local authenticated attacke...
GLSA-201812-08 : Scala: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201812-08 Scala: Privilege escalation It was discovered that Scalas compilation daemon does not properly manage permissions for private files. Impact : A local attacker could escalate privileges. Workaround : There is no known...
CVE-2017-15288
The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges. Mitigati...
UBUNTU-CVE-2017-15288
The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/$USER:shared/scalac-compile-server-port, which allows local users to write to arbitrary class files and consequently gain privileges...
CVE-2017-15288
CVE-2017-15288 affects the Scala compilation daemon. The root cause is weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port, allowing a local user to overwrite arbitrary class files and escalate privileges. Affected branches: Scala pre-2.10.7, 2.11.x be...