7.8

CVE-2015-1324

EPSS 0.11%
Veröffentlicht 25.08.2017 18:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle security@ubuntu.com
Teams Watchlist Login
Unerledigt Login

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.10

Canonical ≫ Ubuntu Linux Version15.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.261

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/bid/74767

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/USN-2609-1

Patch

Vendor Advisory

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1452239

Patch

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2015-1324

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1324

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1324

EUVD