CVE-2012-0871
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Improper Link Resolution Before File Access ('Link Following') The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 6.3 | AV:L/AC:M/Au:N/C:N/I:C/A:C | nvd@nist.gov |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Products Mentioned
Configuraton 0
Systemd_project>>Systemd >> Version To (including) 037
- Systemd_project>>Systemd >> Version 1 (Open CPE detail)
- Systemd_project>>Systemd >> Version 2 (Open CPE detail)
- Systemd_project>>Systemd >> Version 3 (Open CPE detail)
- Systemd_project>>Systemd >> Version 4 (Open CPE detail)
- Systemd_project>>Systemd >> Version 5 (Open CPE detail)
- Systemd_project>>Systemd >> Version 6 (Open CPE detail)
- Systemd_project>>Systemd >> Version 7 (Open CPE detail)
- Systemd_project>>Systemd >> Version 8 (Open CPE detail)
- Systemd_project>>Systemd >> Version 9 (Open CPE detail)
- Systemd_project>>Systemd >> Version 10 (Open CPE detail)
- Systemd_project>>Systemd >> Version 11 (Open CPE detail)
- Systemd_project>>Systemd >> Version 12 (Open CPE detail)
- Systemd_project>>Systemd >> Version 13 (Open CPE detail)
- Systemd_project>>Systemd >> Version 14 (Open CPE detail)
- Systemd_project>>Systemd >> Version 15 (Open CPE detail)
- Systemd_project>>Systemd >> Version 16 (Open CPE detail)
- Systemd_project>>Systemd >> Version 17 (Open CPE detail)
- Systemd_project>>Systemd >> Version 18 (Open CPE detail)
- Systemd_project>>Systemd >> Version 19 (Open CPE detail)
- Systemd_project>>Systemd >> Version 20 (Open CPE detail)
- Systemd_project>>Systemd >> Version 21 (Open CPE detail)
- Systemd_project>>Systemd >> Version 22 (Open CPE detail)
- Systemd_project>>Systemd >> Version 23 (Open CPE detail)
- Systemd_project>>Systemd >> Version 24 (Open CPE detail)
- Systemd_project>>Systemd >> Version 25 (Open CPE detail)
- Systemd_project>>Systemd >> Version 26 (Open CPE detail)
- Systemd_project>>Systemd >> Version 27 (Open CPE detail)
- Systemd_project>>Systemd >> Version 28 (Open CPE detail)
- Systemd_project>>Systemd >> Version 29 (Open CPE detail)
- Systemd_project>>Systemd >> Version 30 (Open CPE detail)
- Systemd_project>>Systemd >> Version 31 (Open CPE detail)
- Systemd_project>>Systemd >> Version 32 (Open CPE detail)
- Systemd_project>>Systemd >> Version 33 (Open CPE detail)
- Systemd_project>>Systemd >> Version 34 (Open CPE detail)
- Systemd_project>>Systemd >> Version 35 (Open CPE detail)
- Systemd_project>>Systemd >> Version 36 (Open CPE detail)
- Systemd_project>>Systemd >> Version 37 (Open CPE detail)
Systemd_project>>Systemd >> Version 1
- Systemd_project>>Systemd >> Version 1 (Open CPE detail)
Systemd_project>>Systemd >> Version 2
- Systemd_project>>Systemd >> Version 2 (Open CPE detail)
Systemd_project>>Systemd >> Version 3
- Systemd_project>>Systemd >> Version 3 (Open CPE detail)
Systemd_project>>Systemd >> Version 4
- Systemd_project>>Systemd >> Version 4 (Open CPE detail)
Systemd_project>>Systemd >> Version 5
- Systemd_project>>Systemd >> Version 5 (Open CPE detail)
Systemd_project>>Systemd >> Version 6
- Systemd_project>>Systemd >> Version 6 (Open CPE detail)
Systemd_project>>Systemd >> Version 7
- Systemd_project>>Systemd >> Version 7 (Open CPE detail)
Systemd_project>>Systemd >> Version 8
- Systemd_project>>Systemd >> Version 8 (Open CPE detail)
Systemd_project>>Systemd >> Version 9
- Systemd_project>>Systemd >> Version 9 (Open CPE detail)
Systemd_project>>Systemd >> Version 10
- Systemd_project>>Systemd >> Version 10 (Open CPE detail)
Systemd_project>>Systemd >> Version 11
- Systemd_project>>Systemd >> Version 11 (Open CPE detail)
Systemd_project>>Systemd >> Version 12
- Systemd_project>>Systemd >> Version 12 (Open CPE detail)
Systemd_project>>Systemd >> Version 13
- Systemd_project>>Systemd >> Version 13 (Open CPE detail)
Systemd_project>>Systemd >> Version 14
- Systemd_project>>Systemd >> Version 14 (Open CPE detail)
Systemd_project>>Systemd >> Version 15
- Systemd_project>>Systemd >> Version 15 (Open CPE detail)
Systemd_project>>Systemd >> Version 16
- Systemd_project>>Systemd >> Version 16 (Open CPE detail)
Systemd_project>>Systemd >> Version 17
- Systemd_project>>Systemd >> Version 17 (Open CPE detail)
Systemd_project>>Systemd >> Version 18
- Systemd_project>>Systemd >> Version 18 (Open CPE detail)
Systemd_project>>Systemd >> Version 19
- Systemd_project>>Systemd >> Version 19 (Open CPE detail)
Systemd_project>>Systemd >> Version 20
- Systemd_project>>Systemd >> Version 20 (Open CPE detail)
Systemd_project>>Systemd >> Version 21
- Systemd_project>>Systemd >> Version 21 (Open CPE detail)
Systemd_project>>Systemd >> Version 22
- Systemd_project>>Systemd >> Version 22 (Open CPE detail)
Systemd_project>>Systemd >> Version 23
- Systemd_project>>Systemd >> Version 23 (Open CPE detail)
Systemd_project>>Systemd >> Version 24
- Systemd_project>>Systemd >> Version 24 (Open CPE detail)
Systemd_project>>Systemd >> Version 25
- Systemd_project>>Systemd >> Version 25 (Open CPE detail)
Systemd_project>>Systemd >> Version 26
- Systemd_project>>Systemd >> Version 26 (Open CPE detail)
Systemd_project>>Systemd >> Version 27
- Systemd_project>>Systemd >> Version 27 (Open CPE detail)
Systemd_project>>Systemd >> Version 28
- Systemd_project>>Systemd >> Version 28 (Open CPE detail)
Systemd_project>>Systemd >> Version 29
- Systemd_project>>Systemd >> Version 29 (Open CPE detail)
Systemd_project>>Systemd >> Version 30
- Systemd_project>>Systemd >> Version 30 (Open CPE detail)
Systemd_project>>Systemd >> Version 31
- Systemd_project>>Systemd >> Version 31 (Open CPE detail)
Systemd_project>>Systemd >> Version 32
- Systemd_project>>Systemd >> Version 32 (Open CPE detail)
Systemd_project>>Systemd >> Version 33
- Systemd_project>>Systemd >> Version 33 (Open CPE detail)
Systemd_project>>Systemd >> Version 34
- Systemd_project>>Systemd >> Version 34 (Open CPE detail)
Systemd_project>>Systemd >> Version 35
- Systemd_project>>Systemd >> Version 35 (Open CPE detail)
Systemd_project>>Systemd >> Version 36
- Systemd_project>>Systemd >> Version 36 (Open CPE detail)
Opensuse>>Opensuse >> Version 12.1
- Opensuse>>Opensuse >> Version 12.1 (Open CPE detail)
Références
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00030.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
2025©
tesweb SA
