Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-3378

Опубликовано: 31 авг. 2012
Источник: nvd
CVSS2: 3.3
EPSS Низкий

Описание

The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gnome:at-spi2-atk:2.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 20%
0.00063
Низкий

3.3 Low

CVSS2

Дефекты

CWE-310

Связанные уязвимости

ubuntu логотип

CVE-2012-3378

ubuntu
больше 13 лет назад

The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2.

debian логотип

CVE-2012-3378

debian
больше 13 лет назад

The register_application function in atk-adaptor/bridge.c in GNOME at- ...

github логотип

GHSA-j7g4-59wh-c9jc

github
больше 3 лет назад

The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2.

EPSS

Процентиль: 20%
0.00063
Низкий

3.3 Low

CVSS2

Дефекты

CWE-310