Описание
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
Ссылки
- ExploitMailing ListPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:tesseract_project:tesseract:2.03:*:*:*:*:*:*:*
cpe:2.3:a:tesseract_project:tesseract:2.04:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
4.7 Medium
CVSS3
6.3 Medium
CVSS2
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 4.7
ubuntu
около 6 лет назад
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
CVSS3: 4.7
debian
около 6 лет назад
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user ...
github
больше 3 лет назад
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
EPSS
Процентиль: 49%
0.00256
Низкий
4.7 Medium
CVSS3
6.3 Medium
CVSS2
Дефекты
CWE-59