Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-5302

Опубликовано: 07 дек. 2015
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:libreport:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.20:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.6.2:*:*:*:*:*:*:*

EPSS

Процентиль: 69%
0.00608
Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

redhat логотип

CVE-2015-5302

redhat
почти 10 лет назад

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

github логотип

GHSA-mvfv-hmwr-6c9m

github
больше 3 лет назад

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

oracle-oval логотип

ELSA-2015-2504

oracle-oval
почти 10 лет назад

ELSA-2015-2504: libreport security update (MODERATE)

oracle-oval логотип

ELSA-2015-2505

oracle-oval
почти 10 лет назад

ELSA-2015-2505: abrt and libreport security update (MODERATE)

EPSS

Процентиль: 69%
0.00608
Низкий

5 Medium

CVSS2

Дефекты

CWE-200