Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-3386
HistoryAug 07, 2012 - 12:00 a.m.

CVE-2012-3386

2012-08-0700:00:00
ubuntu.com
ubuntu.com
11

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%

The “make distcheck” rule in GNU Automake before 1.11.6 and 1.12.x before
1.12.2 grants world-writable permissions to the extraction directory, which
introduces a race condition that allows local users to execute arbitrary
code via unspecified vectors.

Bugs

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%