CVE-2015-5273
- EPSS 0.33%
- Veröffentlicht 07.12.2015 18:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name i...
CVE-2012-5659
- EPSS 0.07%
- Veröffentlicht 12.03.2013 23:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environm...
CVE-2012-5660
- EPSS 0.03%
- Veröffentlicht 12.03.2013 23:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store inform...
CVE-2012-1106
- EPSS 0.05%
- Veröffentlicht 03.07.2012 16:40:32
- Zuletzt bearbeitet 11.04.2025 00:51:21
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local...