GSD-2015-3151
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3151",
"description": "Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.",
"id": "GSD-2015-3151",
"references": [
"https://access.redhat.com/errata/RHSA-2015:1083",
"https://linux.oracle.com/cve/CVE-2015-3151.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3151"
],
"details": "Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.",
"id": "GSD-2015-3151",
"modified": "2023-12-13T01:20:07.920913Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ABRT",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 7a47f57975be0d285a2f20758e4572dca6d9cdd3"
}
]
}
}
]
},
"vendor_name": "ABRT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory Traversal (Local File Inclusion)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151"
},
{
"name": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3",
"refsource": "MISC",
"url": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3"
},
{
"name": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932",
"refsource": "MISC",
"url": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932"
},
{
"name": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b",
"refsource": "MISC",
"url": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b"
},
{
"name": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277",
"refsource": "MISC",
"url": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277"
},
{
"name": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364",
"refsource": "MISC",
"url": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:automatic_bug_reporting_tool:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3151"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151"
},
{
"name": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3"
},
{
"name": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364"
},
{
"name": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932"
},
{
"name": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b"
},
{
"name": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-13T00:47Z",
"publishedDate": "2020-01-14T18:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…