Описание
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 2.21.5-0ubuntu2 |
| hardy | released | 2.16.6-0ubuntu1.2 |
| intrepid | released | 2.18.2-0ubuntu2.2 |
| jaunty | released | 2.20.1-0ubuntu2.1 |
| upstream | needed |
Показывать по
EPSS
4.4 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
The g_file_copy function in glib 2.0 sets the permissions of a target ...
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
EPSS
4.4 Medium
CVSS2
7.8 High
CVSS3