Information disclosure in Fedorahosted Cronie

CVE-2012-6097

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.

Vulnerability class: Information Disclosure

EPSS: 0.013 (67.9th percentile) — read the EPSS interpretation.

Affected products

Fedorahosted Cronie — versions 1.4.8
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (vendor-advisory, x_refsource_MANDRIVA)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_CONFIRM)