Lucene search

K

PRIOn knowledge basePRION:CVE-2011-3616

HistoryNov 04, 2011 - 9:55 p.m.

Code injection

2011-11-0421:55:00

PRIOn knowledge base

www.prio-n.com

1

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.

CPENameOperatorVersion
conkyeq1.4.2
conkyeq1.2
conkyeq1.5.0
conkyeq1.7.1
conkyeq1.3.1
conkyeq1.8.0
conkyeq1.5.1
conkyeq1.4.8
conkyeq1.4.0
conkyeq1.3.0

Rows per page:

1-10 of 281

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=612033

secunia.com/advisories/43225

secunia.com/advisories/46353

www.gentoo.org/security/en/glsa/glsa-201110-09.xml

www.openwall.com/lists/oss-security/2011/10/09/4

www.openwall.com/lists/oss-security/2011/10/10/8

bugs.launchpad.net/ubuntu/+source/conky/+bug/607309

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for PRION:CVE-2011-3616

gentoo1 ubuntucve1 openvas2 nvd1 cve1 debiancve1 securityvulns2 cvelist1 nessus1