CVE-2012-2690

EPSS 0.05%
Veröffentlicht 29.06.2012 19:55:04
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Libguestfs ≫ Libguestfs Version <= 1.17.43

Libguestfs ≫ Libguestfs Version1.16.0

Libguestfs ≫ Libguestfs Version1.16.1

Libguestfs ≫ Libguestfs Version1.16.2

Libguestfs ≫ Libguestfs Version1.16.3

Libguestfs ≫ Libguestfs Version1.16.4

Libguestfs ≫ Libguestfs Version1.16.5

Libguestfs ≫ Libguestfs Version1.16.6

Libguestfs ≫ Libguestfs Version1.16.7

Libguestfs ≫ Libguestfs Version1.16.8

Libguestfs ≫ Libguestfs Version1.16.9

Libguestfs ≫ Libguestfs Version1.16.10

Libguestfs ≫ Libguestfs Version1.16.11

Libguestfs ≫ Libguestfs Version1.16.12

Libguestfs ≫ Libguestfs Version1.16.13

Libguestfs ≫ Libguestfs Version1.16.14

Libguestfs ≫ Libguestfs Version1.16.15

Libguestfs ≫ Libguestfs Version1.16.16

Libguestfs ≫ Libguestfs Version1.16.17

Libguestfs ≫ Libguestfs Version1.16.18

Libguestfs ≫ Libguestfs Version1.16.19

Libguestfs ≫ Libguestfs Version1.16.20

Libguestfs ≫ Libguestfs Version1.16.21

Libguestfs ≫ Libguestfs Version1.16.22

Libguestfs ≫ Libguestfs Version1.16.23

Libguestfs ≫ Libguestfs Version1.16.24

Libguestfs ≫ Libguestfs Version1.16.25

Libguestfs ≫ Libguestfs Version1.16.26

Libguestfs ≫ Libguestfs Version1.17.0

Libguestfs ≫ Libguestfs Version1.17.1

Libguestfs ≫ Libguestfs Version1.17.2

Libguestfs ≫ Libguestfs Version1.17.3

Libguestfs ≫ Libguestfs Version1.17.4

Libguestfs ≫ Libguestfs Version1.17.5

Libguestfs ≫ Libguestfs Version1.17.6

Libguestfs ≫ Libguestfs Version1.17.7

Libguestfs ≫ Libguestfs Version1.17.8

Libguestfs ≫ Libguestfs Version1.17.9

Libguestfs ≫ Libguestfs Version1.17.10

Libguestfs ≫ Libguestfs Version1.17.11

Libguestfs ≫ Libguestfs Version1.17.12

Libguestfs ≫ Libguestfs Version1.17.13

Libguestfs ≫ Libguestfs Version1.17.14

Libguestfs ≫ Libguestfs Version1.17.15

Libguestfs ≫ Libguestfs Version1.17.16

Libguestfs ≫ Libguestfs Version1.17.17

Libguestfs ≫ Libguestfs Version1.17.18

Libguestfs ≫ Libguestfs Version1.17.19

Libguestfs ≫ Libguestfs Version1.17.20

Libguestfs ≫ Libguestfs Version1.17.21

Libguestfs ≫ Libguestfs Version1.17.22

Libguestfs ≫ Libguestfs Version1.17.23

Libguestfs ≫ Libguestfs Version1.17.24

Libguestfs ≫ Libguestfs Version1.17.25

Libguestfs ≫ Libguestfs Version1.17.26

Libguestfs ≫ Libguestfs Version1.17.27

Libguestfs ≫ Libguestfs Version1.17.28

Libguestfs ≫ Libguestfs Version1.17.29

Libguestfs ≫ Libguestfs Version1.17.30

Libguestfs ≫ Libguestfs Version1.17.31

Libguestfs ≫ Libguestfs Version1.17.32

Libguestfs ≫ Libguestfs Version1.17.33

Libguestfs ≫ Libguestfs Version1.17.34

Libguestfs ≫ Libguestfs Version1.17.35

Libguestfs ≫ Libguestfs Version1.17.36

Libguestfs ≫ Libguestfs Version1.17.37

Libguestfs ≫ Libguestfs Version1.17.38

Libguestfs ≫ Libguestfs Version1.17.39

Libguestfs ≫ Libguestfs Version1.17.40

Libguestfs ≫ Libguestfs Version1.17.41

Libguestfs ≫ Libguestfs Version1.17.42

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.124

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://rhn.redhat.com/errata/RHSA-2012-0774.html

http://secunia.com/advisories/49431

Vendor Advisory

http://secunia.com/advisories/49545

Vendor Advisory

http://www.securityfocus.com/bid/53932

https://exchange.xforce.ibmcloud.com/vulnerabilities/76220

https://www.redhat.com/archives/libguestfs/2012-May/msg00104.html

https://nvd.nist.gov/vuln/detail/CVE-2012-2690

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2690

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2690

EUVD