Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151 | Issue Tracking Third Party Advisory |
https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3 | Patch Third Party Advisory |
https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932 | Patch Third Party Advisory |
https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b | Patch Third Party Advisory |
https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277 | Patch Third Party Advisory |
https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364 | Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-01-14 18:15
Updated : 2024-02-28 17:28
NVD link : CVE-2015-3151
Mitre link : CVE-2015-3151
CVE.ORG link : CVE-2015-3151
JSON object : View
Products Affected
redhat
- automatic_bug_reporting_tool
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')