Automatic Bug Reporting Tool Red Hat Automatic Bug Reporting Tool

Do you want an email whenever new security vulnerabilities are reported in Red Hat Automatic Bug Reporting Tool?

By the Year

In 2024 there have been 0 vulnerabilities in Red Hat Automatic Bug Reporting Tool . Automatic Bug Reporting Tool did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 5 7.40
2019 0 0.00
2018 0 0.00

It may take a day or so for new Automatic Bug Reporting Tool vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Automatic Bug Reporting Tool Security Vulnerabilities

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which

CVE-2015-3159 7.8 - High - January 14, 2020

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges.

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT)

CVE-2015-3151 7.8 - High - January 14, 2020

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.

Directory traversal

abrt-dbus in Automatic Bug Reporting Tool (ABRT)

CVE-2015-3150 7.1 - High - January 14, 2020

abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.

Improper Input Validation

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload

CVE-2015-3147 6.5 - Medium - January 14, 2020

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.

insecure temporary file

The default event handling scripts in Automatic Bug Reporting Tool (ABRT)

CVE-2015-1869 7.8 - High - January 14, 2020

The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file.

insecure temporary file

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which

CVE-2015-3142 4.7 - Medium - June 26, 2017

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application.

Information Disclosure

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which

CVE-2015-1870 5.5 - Medium - June 26, 2017

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.

Information Disclosure

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1

CVE-2015-5273 - December 07, 2015

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.

insecure temporary file

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier

CVE-2012-5660 - March 12, 2013

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."

Permissions, Privileges, and Access Controls

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Automatic Bug Reporting Tool or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

subscribe