CVE-2009-1295

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apport:apport:*:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu:8.0.4_lts:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu:8.1.0:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu:9.0.4:*:*:*:*:*:*:*

History

21 Nov 2024, 01:02

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html - () http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html -
References () http://secunia.com/advisories/34947 - () http://secunia.com/advisories/34947 -
References () http://secunia.com/advisories/34952 - () http://secunia.com/advisories/34952 -
References () http://secunia.com/advisories/35065 - () http://secunia.com/advisories/35065 -
References () http://www.securityfocus.com/bid/34776 - () http://www.securityfocus.com/bid/34776 -
References () http://www.ubuntu.com/usn/usn-768-1 - Vendor Advisory () http://www.ubuntu.com/usn/usn-768-1 - Vendor Advisory
References () https://bugs.launchpad.net/bugs/357024 - Exploit () https://bugs.launchpad.net/bugs/357024 - Exploit
References () https://launchpad.net/bugs/cve/2009-1295 - () https://launchpad.net/bugs/cve/2009-1295 -

Information

Published : 2009-04-30 20:30

Updated : 2024-11-21 01:02


NVD link : CVE-2009-1295

Mitre link : CVE-2009-1295

CVE.ORG link : CVE-2009-1295


JSON object : View

Products Affected

apport

  • apport

ubuntu

  • ubuntu
CWE
CWE-16

Configuration