CVE-2012-3355

Currently unrated

Key Information:

Vendor: Gnome
Status: Rhythmbox
Vendor: CVE Published:; 17 July 2012

Summary

(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.

References

https://bugzilla.gnome.org/show_bug.cgi?id=678661

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2012/06/25/5

mailing-listx_refsource_MLIST

https://hermes.opensuse.org/messages/15351848

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Jul 17, 2012
Vulnerability Reserved
Jun 14, 2012