Vulnerability Details CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.4%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 7.2
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1214457
- https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8
- https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1
- https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7
- https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75
- https://bugzilla.redhat.com/show_bug.cgi?id=1214457
- https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8
- https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1
- https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7
- https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75
Products affected by CVE-2015-3150
-
cpe:2.3:a:redhat:automatic_bug_reporting_tool:-