Published: 14/01/2020 Updated: 13/02/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Automatic Bug Reporting Tool

Impact: Important Public Date: 2015-04-22 CWE: CWE-20 Bugzilla: 1214457: CVE-2015-3150 abrt: abrt-dbus does not guard against crafted problem directory path arguments It exists that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw take ownership of arbitrary files and directories, or to delete files and directories as the root user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat automatic bug reporting tool -

Impact: Important Public Date: 2015-04-22 CWE: CWE-20 Bugzilla: 1214457: CVE-2015-3150 abrt: abrt-dbus ...

CWE-20 https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7 https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1 https://bugzilla.redhat.com/show_bug.cgi?id=1214457 https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75 https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-3150

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-3150

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect