Denial of Service Vulnerability in Fedora Business Cards Package by Red Hat
CVE-2013-0159

7.1HIGH

Key Information:

Vendor: Fedoraproject
Status: Fedora
Vendor: CVE Published:; 1 May 2018

🔔 Create Fedoraproject Vulnerability Alert

What is CVE-2013-0159?

The Fedora business cards package prior to version 1-0.1.beta1.fc17 on Fedora 17 and version 1-0.1.beta1.fc18 on Fedora 18 is susceptible to a type of denial of service attack. Local users can exploit this vulnerability by conducting a symlink attack on the '/tmp/fedora-business-cards-buffer.svg' file, potentially allowing them to overwrite arbitrary files, thus compromising the integrity of the system and its files.

References

https://bugzilla.redhat.com/show_bug.cgi?id=892299

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=892815

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2018
Vulnerability Reserved
Dec 6, 2012