CVE-2015-3142 in Automatic Bug Reporting Tool情報

要約

〜によって MITRE

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

予約する

2015年04月10日

公開

2017年06月26日

モデレーション

承諾済み

エントリ

VDB-102813

CPE

準備完了

CWE

CWE-200 (確認済み)

CVSS

4.7 (NVD)

EPSS

0.00348

KEV

いいえ

アクティビティ

非常低い

セクター

Education, Insurance, ...

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3142
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3142
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3142/

◂ 前概要次 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!