CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
19.8%
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
rubyforge | rubygem-sqlite3 | * | cpe:2.3:a:rubyforge:rubygem-sqlite3:*:*:*:*:*:*:*:* |
rubyforge | rubygem-sqlite3 | 1.2.0 | cpe:2.3:a:rubyforge:rubygem-sqlite3:1.2.0:*:*:*:*:*:*:* |
rubyforge | rubygem-sqlite3 | 1.2.1 | cpe:2.3:a:rubyforge:rubygem-sqlite3:1.2.1:*:*:*:*:*:*:* |
rubyforge | rubygem-sqlite3 | 1.2.2 | cpe:2.3:a:rubyforge:rubygem-sqlite3:1.2.2:*:*:*:*:*:*:* |
novell | suse_linux_enterprise | 11 | cpe:2.3:o:novell:suse_linux_enterprise:11:sp1:*:*:*:*:*:* |