Lucene search

[email protected]NVD:CVE-2011-3632

HistoryNov 26, 2019 - 4:15 a.m.

CVE-2011-3632

2019-11-2604:15:11

CWE-59

[email protected]

web.nvd.nist.gov

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.

Affected configurations

NVD

Node

hardlink_projecthardlinkRange<0.1.2

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

redhatenterprise_linuxMatch5.0

redhatenterprise_linuxMatch6.0

References

access.redhat.com/security/cve/cve-2011-3632

bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516

bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3632

security-tracker.debian.org/tracker/CVE-2011-3632

www.openwall.com/lists/oss-security/2011/10/15/2

www.openwall.com/lists/oss-security/2011/10/20/6

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2011-3632

debiancve1 ubuntucve1 prion1 cve1 cvelist1 seebug1 nessus4 fedora2 openvas4