Impact: Important Public Date: 2015-04-22 CWE: CWE-20 Bugzilla: 1214457: CVE-2015-3150 abrt: abrt-dbus does not guard against crafted problem directory path arguments It exists that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw take ownership of arbitrary files and directories, or to delete files and directories as the root user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat automatic bug reporting tool - |