CVE Vulnerabilities

CVE-2012-5660

Published: Mar 12, 2013 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on the directories used to store information about crashes.

Affected Software

Name Vendor Start Version End Version
Automatic_bug_reporting_tool Redhat 2.0.6 2.0.6
Automatic_bug_reporting_tool Redhat 2.0.4.981 2.0.4.981
Automatic_bug_reporting_tool Redhat 2.0.8 2.0.8
Automatic_bug_reporting_tool Redhat * 2.0.9
Automatic_bug_reporting_tool Redhat 2.0.5 2.0.5
Automatic_bug_reporting_tool Redhat 2.0.2 2.0.2
Automatic_bug_reporting_tool Redhat 2.0.7 2.0.7
Automatic_bug_reporting_tool Redhat 2.0.4.980 2.0.4.980
Automatic_bug_reporting_tool Redhat 2.0.1 2.0.1
Automatic_bug_reporting_tool Redhat 2.0.0 2.0.0
Automatic_bug_reporting_tool Redhat 2.0.4 2.0.4
Automatic_bug_reporting_tool Redhat 2.0.3 2.0.3

References