- Description
- Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.
- Source
- security@ubuntu.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:P/A:N
- nvd@nist.gov
- CWE-16
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apport:apport:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE304688-05F0-4F7F-8664-E729B6FA5090",
"versionEndIncluding": "0.1.0.8.1"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu:8.0.4_lts:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9245826-44D6-432D-9447-025FD02431D1"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu:8.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8893D670-FF80-4297-8EF8-83C6CB165604"
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu:9.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24066D17-EE95-4E06-9FAC-DA9B2227195F"
}
],
"operator": "OR"
}
]
}
]