7.8

CVE-2015-1324

EPSS 0.11%
Published 25.08.2017 18:29:00
Last modified 20.04.2025 01:37:25
Source security@ubuntu.com
Teams watchlist Login
Open Login

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.10

Canonical ≫ Ubuntu Linux Version15.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.261

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/bid/74767

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/USN-2609-1

Patch

Vendor Advisory

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1452239

Patch

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2015-1324

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1324

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1324

EUVD