Impact: Important Public Date: 2015-04-29 CWE: CWE-20 Bugzilla: 1216962: CVE-2015-3159 abrt: missing process environment sanitizaton in abrt-action-install-debuginfo-to-abrt-cache It exists that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat automatic bug reporting tool - |