CVE-2012-5660

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.4.980:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.4.981:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:automatic_bug_reporting_tool:2.0.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-03-12 23:55

Updated : 2024-02-28 12:00


NVD link : CVE-2012-5660

Mitre link : CVE-2012-5660

CVE.ORG link : CVE-2012-5660


JSON object : View

Products Affected

redhat

  • automatic_bug_reporting_tool
CWE
CWE-264

Permissions, Privileges, and Access Controls

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')