NVD

Id
15592  
Name
CVE-2010-4337  
Description
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.  
Reject
 
CVSS Version
2  
CVSS Score
3.3  
Severity
Low  
CVSS Base Score
3.3  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-18  
Published
2011-01-14  
Modified Date
2012-06-18  
Seq
2010-4337  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
88242 15592 CVE-2010-4337 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605419  View
88243 15592 CVE-2010-4337 DSA-2435  View
88244 15592 CVE-2010-4337 45102  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33662 JVNDB-2011-003904 gnash の configure スクリプトにおける任意のファイルを上書きされる脆弱性 gnash の configure スクリプトには、任意のファイルを上書きされる脆弱性が存在します。 CVE-2010-4337 46917 CVE-2010-4337 15592 3.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003904.html 2011-01-14 2012-03-27 View