3.3
CVE-2012-2120
- EPSS 0.31%
- Veröffentlicht 18.05.2012 22:55:03
- Zuletzt bearbeitet 16.06.2026 23:41:01
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
latex2man in texlive-extra-utils 2011.20120322, and possibly other versions or packages, when used with the H or T option, allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Texlive-extra-utils Version2011.20120322
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.227 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:N/I:P/A:P
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668779
http://www.openwall.com/lists/oss-security/2012/04/19/12
http://www.openwall.com/lists/oss-security/2012/04/19/15