CVE-2012-1093

7.8HIGH

Key Information

Vendor: Debian
Status: X11-common
Vendor: CVE Published:; 21 February 2020

Summary

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

Affected Version(s)

x11-common = before 1:7.6+12

References

https://security-tracker.debian.org/tracker/CVE-2012-1093

x_refsource_MISC

https://access.redhat.com/security/cve/cve-2012-1093

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2012/03/01/1

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2020
Vulnerability Reserved
Feb 14, 2012

Collectors

NVD DatabaseMitre Database