CVE-2012-3386 in libpng
Resumen (Inglés)
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
Reservar
2012-06-14
Divulgación
2012-08-07
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 5666 | libpng escalada de privilegios | 264 | Prueba de concepto | Arreglo oficial | CVE-2012-3386 |