Lucene search
HistoryJan 14, 2011 - 11:00 p.m.
CVE-2010-4337
cve-2010-4337
gnash
symlink attack
nvd
security vulnerability
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.
Affected configurations
Node
gnugnashMatch0.8.8
Related
nessus
nessus
Fedora 13 : gnash-0.8.9-1.fc13 (2011-3662)
2011-03-28 00:00:00
Fedora 15 : gnash-0.8.9-0.1.20110312git.fc15 (2011-3261)
2011-03-18 00:00:00
Fedora 14 : gnash-0.8.9-1.fc14 (2011-3658)
2011-03-28 00:00:00
openvas
openvas
Fedora Update for gnash FEDORA-2011-3662
2011-04-01 00:00:00
Fedora Update for gnash FEDORA-2011-3662
2011-04-01 00:00:00
Fedora Update for gnash FEDORA-2011-3658
2011-04-01 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: gnash-0.8.9-1.fc13
2011-03-27 19:35:31
[SECURITY] Fedora 15 Update: gnash-0.8.9-0.1.20110312git.fc15
2011-03-18 03:59:58
[SECURITY] Fedora 14 Update: gnash-0.8.9-1.fc14
2011-03-27 19:28:00
nvd
nvd
CVE-2010-4337
2011-01-14 23:00:47
debiancve
debiancve
CVE-2010-4337
2011-01-14 23:00:00
prion
prion
Code injection
2011-01-14 23:00:00
cvelist
cvelist
CVE-2010-4337
2011-01-14 22:00:00
ubuntucve
ubuntucve
CVE-2010-4337
2011-01-14 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2435-1] gnash security update
2012-03-26 00:00:00
gnash multiple security vulnerabilities
2012-03-26 00:00:00
debian
debian
[SECURITY] [DSA 2435-1] gnash security update
2012-03-19 23:05:34
osv
osv
gnash - several
2012-03-19 00:00:00
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2010-4337