Vulnerability in Redhat Automatic_bug_reporting_tool

CVE-2012-5660

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to s…

EPSS: 0.000 (8.8th percentile) — read the EPSS interpretation.

Affected products

Redhat Automatic_bug_reporting_tool — versions 2.0.0, 2.0.1, 2.0.2
N/a — versions n/a

Weakness classification (CWE)

References

RHSA-2013:0215 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)