CVE-2012-6607 in Augeas
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Reservation
11/23/2013
Disclosure
11/23/2013
Status
Confirmed
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 65556 | Augeas transform.c transform_save path traversal | 22 | Not defined | Official fix | CVE-2012-6607 |