CVE-2010-2056

Published Jul 22, 2010

Last updated 14 years ago

Overview

Description: GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Source: secalert@redhat.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 4.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-59

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnu:gv:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7811773D-89C0-4929-88F1-3FCC0E1228F4",
            "versionEndIncluding": "3.6.9"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "584C3EFC-A330-4502-9181-18D74AD10A86"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB6F5D90-F7F2-465C-B3DD-CD1D8A2C4818"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D497B23-5094-4F73-A3C5-073E533758C8"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "116A7092-CA7C-43A3-8C92-0BA0EC04AC30"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09E3277C-EDC1-47FA-A9AE-0C5CF7BCE0EE"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49CFE64C-AB32-4E6B-89E2-1D70D0B4A5DC"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2F722DD-36B0-42BF-91C0-D6CF17EDEA32"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F0DD599-2BE2-48A7-B6E3-8BE6D8133A4D"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93D748A4-C385-454A-B1D4-87F923905100"
          },
          {
            "criteria": "cpe:2.3:a:gnu:gv:3.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B50D1675-22C0-4B1F-AC93-7FF8EBB6D049"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References