CVE-2010-1457

Sažetak

Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message.

Reference

http://ftpmain.gnustep.org/pub/gnustep/core/gnustep-base-1.20.0.tar.gz
http://savannah.gnu.org/bugs/?29755
http://secunia.com/advisories/39746
http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
http://www.openwall.com/lists/oss-security/2010/05/07/6
http://www.securityfocus.com/bid/40005
https://bugs.launchpad.net/ubuntu/+source/gnustep-base/+bug/573108

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

12-05-2010 - 11:46

Objavljeno

12-05-2010 - 11:46