golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script.
References
Link | Resource |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=765455 | Issue Tracking Patch Third Party Advisory |
https://codereview.appspot.com/5992078 | Exploit Third Party Advisory |
https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210902-0009/ | Third Party Advisory |
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666 | Third Party Advisory |
Configurations
History
18 Oct 2021, 12:54
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210902-0009/ - Third Party Advisory |
02 Sep 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jul 2021, 16:50
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd - Patch, Third Party Advisory | |
References | (MISC) https://codereview.appspot.com/5992078 - Exploit, Third Party Advisory | |
References | (MISC) https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666 - Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=765455 - Issue Tracking, Patch, Third Party Advisory | |
CPE | cpe:2.3:a:golang:go:1.0.2:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-377 |
09 Jul 2021, 11:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-09 11:15
Updated : 2023-12-10 13:55
NVD link : CVE-2012-2666
Mitre link : CVE-2012-2666
CVE.ORG link : CVE-2012-2666
JSON object : View
Products Affected
golang
- go
CWE
CWE-377
Insecure Temporary File