CVE-2010-4337 - CERT CVE
ID CVE-2010-4337
Sažetak The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.
Reference
CVSS
Base: 3.3
Impact: 4.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL PARTIAL
CVSS vektor AV:L/AC:M/Au:N/C:N/I:P/A:P
Zadnje važnije ažuriranje 19-06-2012 - 03:35
Objavljeno 14-01-2011 - 23:00