CVE-2012-6110

2014-09-2922:00:00

redhat

www.cve.org

AI Score

6.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

References

seclists.org/oss-sec/2013/q1/102

untroubled.org/bcron/NEWS

bugs.debian.org/cgi-bin/bugreport.cgi?bug=686650

exchange.xforce.ibmcloud.com/vulnerabilities/81383