Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-3981
HistoryJun 08, 2014 - 12:00 a.m.

CVE-2014-3981

2014-06-0800:00:00
ubuntu.com
ubuntu.com
17

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

EPSS

0.001

Percentile

17.2%

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier,
allows local users to overwrite arbitrary files via a symlink attack on the
/tmp/phpglibccheck file.

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

EPSS

0.001

Percentile

17.2%