CVE-2015-3315

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:redhat:automatic_bug_reporting_tool:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-26 15:29

Updated : 2024-02-28 16:04


NVD link : CVE-2015-3315

Mitre link : CVE-2015-3315

CVE.ORG link : CVE-2015-3315


JSON object : View

Products Affected

redhat

  • enterprise_linux_hpc_node
  • enterprise_linux_workstation
  • automatic_bug_reporting_tool
  • enterprise_linux_server
  • enterprise_linux_server_eus
  • enterprise_linux_desktop
  • enterprise_linux_hpc_node_eus
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')