CVE-2012-3386

{"id": "CVE-2012-3386", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-08-07T21:55:01.420", "references": [{"url": "http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76", "tags": ["Exploit", "Patch"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0526.html", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:103", "source": "secalert@redhat.com"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0526.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:103", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "The \"make distcheck\" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "La regla \"make distcheck\" en GNU Automake anterior a v1.11.6 y v1.12.x anterior a v1.12.2 asigna permisos world-writable al directorio de extracci\u00f3n, lo que produce una vulnerabilidad de condici\u00f3n de carrera que permite a usuarios locales ejecutar c\u00f3digo a trav\u00e9s de vectores no determinados."}], "lastModified": "2024-11-21T01:40:45.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:automake:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF1142BF-7EE4-4937-A928-86057C853BB8", "versionEndIncluding": "1.11.5"}, {"criteria": "cpe:2.3:a:gnu:automake:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825E1F9E-0DFB-47BF-8D28-52B6804C199A"}, {"criteria": "cpe:2.3:a:gnu:automake:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41C63958-FF26-4223-8EF5-1E2CEFD9DBC6"}, {"criteria": "cpe:2.3:a:gnu:automake:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "499D5653-552E-44EE-8183-FD5D05BF8F35"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE71E960-691A-4816-A04D-A8D1F3CDA2CE"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "620AE4A6-8801-4E2E-BC16-4CA0A128EAD8"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BB76EC2-1F74-4BB2-B1B5-F3416CDC345B"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E969575-F171-42B7-B02D-CD494D9F9CE2"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6396CC6D-2290-4D98-90FD-498EFDAC690B"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8227C2EC-7C6B-4C91-86FE-FD4892C0D855"}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "377CA093-EE7B-4F14-A9D0-62E678EE787E"}, {"criteria": "cpe:2.3:a:gnu:automake:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A8CECA9-BDE4-4E0D-9D1A-3A8B705736CF"}, {"criteria": "cpe:2.3:a:gnu:automake:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37F4CA27-ECDF-4F2B-889B-954C1539DB8B"}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A883A1BE-D2F9-43F6-9779-163762DC0BDE"}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "098E2153-D183-4603-AB8E-A424E321CB3C"}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C958A3-01F2-45A6-8F0B-74BE794E06CD"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6454F4F7-507E-4539-B566-39E5ABD9F3B4"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C19F15E-FBBC-4DEB-9438-DCF5FB9CD366"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E466BA9-460D-4B7E-BD10-9CD072DE8846"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9ECA16B-1AD3-4199-9D01-018DBDA0AD63"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6667859B-7297-4BB1-97DB-195037EB71C9"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C42854C-5241-43A8-9E27-0701CE97BB94"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "855F7E05-B617-4046-B6E4-7894CD237654"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD6A46DF-3A7F-40EA-B2D6-BBDB8CEF2744"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26C09EE5-460F-4169-A372-878E77120204"}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5205CF45-634B-4994-8CB1-C70B87FFC7D4"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AFB9079-79EA-4DC3-9C86-72D90788AB35"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B2ABAC0-D633-43B6-9BA2-E346E8D2BAAF"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A579BF1E-0ECE-4D1F-8849-359626B9F250"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FAE2575-4611-481E-AA37-549B2F528864"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F29368AC-C9BA-451B-90DA-CCE8AB291946"}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81FB30CC-D96B-443A-B1B5-61F207F80B04"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF64364-4A8B-4155-9FDA-E4AF655EA826"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E529FDE-1475-4F83-AD75-795AA2CFCE48"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAA3D112-97D4-4605-AAD9-ACD8C1901332"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E44D4B2-F8E6-4D2E-800D-2101C1832261"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7565230F-80E8-49F2-BFC9-F33B690AC78D"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52DA2099-218B-4588-B381-539307426AB5"}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "032119F6-768D-42BF-A4B8-2059BFA3AAD8"}, {"criteria": "cpe:2.3:a:gnu:automake:1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D17CFC-3C6D-4EC1-9FED-2C158AC517C6"}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DD32447-BADF-4E6B-8745-75202A3AF83B"}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7348FBF0-AD00-4236-9CA0-BA01FD153629"}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06107483-9738-4C1A-A706-3DE7D9F04E7E"}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2A91930-6A6C-4B56-99DF-8A06F270AEC3"}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F35A4AC-1FA1-49CA-A465-5E0E6E05AC0B"}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CE405EB-E067-464D-86AE-6F0C56C7250E"}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6C72AC-9EDB-4BB4-8C7F-BA1F886939EF"}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDD57193-65DC-4AFC-96C0-725AC176E7F9"}, {"criteria": "cpe:2.3:a:gnu:automake:1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64F490F-2837-4A97-BA1E-6E796B8B4F27"}, {"criteria": "cpe:2.3:a:gnu:automake:1.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CE494CF-6DD2-451E-B9F4-A102B06B9183"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}