2.9
CVE-2012-4454
- EPSS 1.03%
- Veröffentlicht 10.10.2012 18:55:04
- Zuletzt bearbeitet 16.06.2026 23:45:07
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Opencryptoki Project ≫ Opencryptoki Version <= 2.4
Opencryptoki Project ≫ Opencryptoki Version2.2.3
Opencryptoki Project ≫ Opencryptoki Version2.2.4
Opencryptoki Project ≫ Opencryptoki Version2.2.4.1
Opencryptoki Project ≫ Opencryptoki Version2.2.5
Opencryptoki Project ≫ Opencryptoki Version2.2.6
Opencryptoki Project ≫ Opencryptoki Version2.2.7
Opencryptoki Project ≫ Opencryptoki Version2.2.8
Opencryptoki Project ≫ Opencryptoki Version2.3.0
Opencryptoki Project ≫ Opencryptoki Version2.3.1
Opencryptoki Project ≫ Opencryptoki Version2.3.2
Opencryptoki Project ≫ Opencryptoki Version2.3.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.03% | 0.592 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.9 | 5.5 | 2.9 |
AV:A/AC:M/Au:N/C:N/I:P/A:N
|
http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=58345488c9351d9be9a4be27c8b407c2706a33a9
http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=b7fcb3eb0319183348f1f4fb90ede4edd6487c30
http://secunia.com/advisories/50702
http://sourceforge.net/mailarchive/message.php?msg_id=28878345
http://www.openwall.com/lists/oss-security/2012/09/07/2
http://www.openwall.com/lists/oss-security/2012/09/07/6
http://www.openwall.com/lists/oss-security/2012/09/09/2
http://www.openwall.com/lists/oss-security/2012/09/20/6
http://www.openwall.com/lists/oss-security/2012/09/25/5
http://www.openwall.com/lists/oss-security/2012/09/27/2
http://www.securityfocus.com/bid/55627
https://bugzilla.redhat.com/show_bug.cgi?id=730636
https://exchange.xforce.ibmcloud.com/vulnerabilities/78797