Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-3630

Опубликовано: 26 нояб. 2019
Источник: nvd
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:hardlink_project:hardlink:*:*:*:*:*:*:*:*
Версия до 0.1.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 86%
0.03115
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2011-3630

CVSS3: 8.8
ubuntu
около 6 лет назад

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.

redhat логотип

CVE-2011-3630

redhat
больше 14 лет назад

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.

debian логотип

CVE-2011-3630

CVSS3: 8.8
debian
около 6 лет назад

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow ...

github логотип

GHSA-pc7f-j836-p34f

CVSS3: 8.8
github
почти 4 года назад

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.

EPSS

Процентиль: 86%
0.03115
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787