5.1

CVE-2015-1865

fts.c in coreutils 8.4 allows local users to delete arbitrary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuCoreutils Version8.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.158
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 3.3 3.4 4.9
AV:L/AC:M/Au:N/C:N/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 1.4 3.6
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

http://www.securityfocus.com/bid/76073
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1211300
Third Party Advisory
Issue Tracking