CVE-2013-1067

Опубликовано: 25 окт. 2013

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.

Ссылки

http://www.ubuntu.com/usn/USN-2007-1
Vendor Advisory
http://www.ubuntu.com/usn/USN-2007-1
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00042

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2013-1067

ubuntu

больше 12 лет назад

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.

GHSA-8pvv-m49q-jr79

github

больше 3 лет назад

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.

EPSS

Процентиль: 13%

0.00042

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-264