Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-12050

Опубликовано: 30 апр. 2020
Источник: nvd
CVSS3: 7
CVSS2: 6.9
EPSS Низкий

Описание

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:sqliteodbc_project:sqliteodbc:0.9996:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00089
Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

ubuntu логотип

CVE-2020-12050

CVSS3: 7
ubuntu
почти 6 лет назад

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.

debian логотип

CVE-2020-12050

CVSS3: 7
debian
почти 6 лет назад

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ...

suse-cvrf логотип

openSUSE-SU-2020:0628-1

suse-cvrf
больше 5 лет назад

Security update for sqliteodbc

github логотип

GHSA-8q4v-jg8h-7hjg

github
больше 3 лет назад

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.

EPSS

Процентиль: 25%
0.00089
Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362