Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-4089

Опубликовано: 16 апр. 2014
Источник: nvd
CVSS2: 4.6
EPSS Низкий

Описание

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*
Версия до 1.0.4 (включая)
cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 36%
0.00152
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2011-4089

ubuntu
почти 12 лет назад

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

debian логотип

CVE-2011-4089

debian
почти 12 лет назад

The bzexe command in bzip2 1.0.5 and earlier generates compressed exec ...

github логотип

GHSA-f3fh-cjxj-26mw

github
больше 3 лет назад

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

EPSS

Процентиль: 36%
0.00152
Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264