CVE-2010-2199

EPSS 0.05%
Veröffentlicht 08.06.2010 18:30:10
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL, a related issue to CVE-2010-2059.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rpm ≫ Rpm Version1.2

Rpm ≫ Rpm Version1.3

Rpm ≫ Rpm Version1.3.1

Rpm ≫ Rpm Version1.4

Rpm ≫ Rpm Version1.4.2

Rpm ≫ Rpm Version1.4.3

Rpm ≫ Rpm Version1.4.4

Rpm ≫ Rpm Version1.4.5

Rpm ≫ Rpm Version1.4.6

Rpm ≫ Rpm Version1.4.7

Rpm ≫ Rpm Version2..4.10

Rpm ≫ Rpm Version2.0

Rpm ≫ Rpm Version2.0.1

Rpm ≫ Rpm Version2.0.2

Rpm ≫ Rpm Version2.0.3

Rpm ≫ Rpm Version2.0.4

Rpm ≫ Rpm Version2.0.5

Rpm ≫ Rpm Version2.0.6

Rpm ≫ Rpm Version2.0.7

Rpm ≫ Rpm Version2.0.8

Rpm ≫ Rpm Version2.0.9

Rpm ≫ Rpm Version2.0.10

Rpm ≫ Rpm Version2.0.11

Rpm ≫ Rpm Version2.1

Rpm ≫ Rpm Version2.1.1

Rpm ≫ Rpm Version2.1.2

Rpm ≫ Rpm Version2.2

Rpm ≫ Rpm Version2.2.1

Rpm ≫ Rpm Version2.2.2

Rpm ≫ Rpm Version2.2.3

Rpm ≫ Rpm Version2.2.3.10

Rpm ≫ Rpm Version2.2.3.11

Rpm ≫ Rpm Version2.2.4

Rpm ≫ Rpm Version2.2.5

Rpm ≫ Rpm Version2.2.6

Rpm ≫ Rpm Version2.2.7

Rpm ≫ Rpm Version2.2.8

Rpm ≫ Rpm Version2.2.9

Rpm ≫ Rpm Version2.2.10

Rpm ≫ Rpm Version2.2.11

Rpm ≫ Rpm Version2.3

Rpm ≫ Rpm Version2.3.1

Rpm ≫ Rpm Version2.3.2

Rpm ≫ Rpm Version2.3.3

Rpm ≫ Rpm Version2.3.4

Rpm ≫ Rpm Version2.3.5

Rpm ≫ Rpm Version2.3.6

Rpm ≫ Rpm Version2.3.7

Rpm ≫ Rpm Version2.3.8

Rpm ≫ Rpm Version2.3.9

Rpm ≫ Rpm Version2.4.1

Rpm ≫ Rpm Version2.4.2

Rpm ≫ Rpm Version2.4.3

Rpm ≫ Rpm Version2.4.4

Rpm ≫ Rpm Version2.4.5

Rpm ≫ Rpm Version2.4.6

Rpm ≫ Rpm Version2.4.8

Rpm ≫ Rpm Version2.4.9

Rpm ≫ Rpm Version2.4.11

Rpm ≫ Rpm Version2.4.12

Rpm ≫ Rpm Version2.5

Rpm ≫ Rpm Version2.5.1

Rpm ≫ Rpm Version2.5.2

Rpm ≫ Rpm Version2.5.3

Rpm ≫ Rpm Version2.5.4

Rpm ≫ Rpm Version2.5.5

Rpm ≫ Rpm Version2.5.6

Rpm ≫ Rpm Version2.6.7

Rpm ≫ Rpm Version3.0

Rpm ≫ Rpm Version3.0.1

Rpm ≫ Rpm Version3.0.2

Rpm ≫ Rpm Version3.0.3

Rpm ≫ Rpm Version3.0.4

Rpm ≫ Rpm Version3.0.5

Rpm ≫ Rpm Version3.0.6

Rpm ≫ Rpm Version4.0.

Rpm ≫ Rpm Version4.0.1

Rpm ≫ Rpm Version4.0.2

Rpm ≫ Rpm Version4.0.3

Rpm ≫ Rpm Version4.0.4

Rpm ≫ Rpm Version4.1

Rpm ≫ Rpm Version4.3.3

Rpm ≫ Rpm Version4.4.2

Rpm ≫ Rpm Version4.4.2.1

Rpm ≫ Rpm Version4.4.2.2

Rpm ≫ Rpm Version4.4.2.3

Rpm ≫ Rpm Version <= 4.8.0

Rpm ≫ Rpm Version4.6.0

Rpm ≫ Rpm Version4.6.1

Rpm ≫ Rpm Version4.7.0

Rpm ≫ Rpm Version4.7.1

Rpm ≫ Rpm Version4.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.11

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

https://bugzilla.redhat.com/show_bug.cgi?id=125517

https://exchange.xforce.ibmcloud.com/vulnerabilities/59416

https://nvd.nist.gov/vuln/detail/CVE-2010-2199

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2199

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2199

EUVD