[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-1318Date: (C)2015-04-21   (M)2023-12-22


The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
OSVDB-120803
EXPLOIT-DB-36782
EXPLOIT-DB-43971
USN-2569-1
https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1438758
https://launchpad.net/apport/trunk/2.17.1

CPE    18
cpe:/a:apport_project:apport:2.13.2
cpe:/a:apport_project:apport:2.14.1
cpe:/a:apport_project:apport:2.13.3
cpe:/a:apport_project:apport:2.14.2
...
CWE    1
CWE-264
OVAL    2
oval:org.secpod.oval:def:52455
oval:org.secpod.oval:def:702511

© SecPod Technologies