CVE-2015-3142 in Automatic Bug Reporting Toolinfo

Summary

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/10/2015

Disclosure

06/26/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.0

EPSS

0.00111

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3142
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3142
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3142/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!