Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151 | Issue Tracking Third Party Advisory |
https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3 | Patch Third Party Advisory |
https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932 | Patch Third Party Advisory |
https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b | Patch Third Party Advisory |
https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277 | Patch Third Party Advisory |
https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364 | Patch Third Party Advisory |
Configurations
History
13 Feb 2023, 00:47
Type | Values Removed | Values Added |
---|---|---|
Summary | Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method. | |
References |
|
02 Feb 2023, 20:20
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. | |
References |
|
Information
Published : 2020-01-14 18:15
Updated : 2023-12-10 13:13
NVD link : CVE-2015-3151
Mitre link : CVE-2015-3151
CVE.ORG link : CVE-2015-3151
JSON object : View
Products Affected
redhat
- automatic_bug_reporting_tool
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')