{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-05-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"}, {"name": "[oss-security] 20120625 CVE 2011-* Request -- rhythmbox (context plug-in): Insecure temporary directory use by loading template files for 'Album', 'Lyrics', and 'Artist' tabs", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"}, {"name": "openSUSE-SU-2012:0954", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "https://hermes.opensuse.org/messages/15351848"}, {"name": "[oss-security] 20120625 Re: CVE 2011-* Request -- rhythmbox (context plug-in): Insecure temporary directory use by loading template files for 'Album', 'Lyrics', and 'Artist' tabs", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"}, {"name": "54186", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/54186"}, {"tags": ["x_refsource_MISC"], "url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"}, {"name": "USN-1503-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1503-1"}, {"name": "rhythmbox-template-symlink(76538)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:05:12.062Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"}, {"name": "[oss-security] 20120625 CVE 2011-* Request -- rhythmbox (context plug-in): Insecure temporary directory use by loading template files for 'Album', 'Lyrics', and 'Artist' tabs", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"}, {"name": "openSUSE-SU-2012:0954", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "https://hermes.opensuse.org/messages/15351848"}, {"name": "[oss-security] 20120625 Re: CVE 2011-* Request -- rhythmbox (context plug-in): Insecure temporary directory use by loading template files for 'Album', 'Lyrics', and 'Artist' tabs", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"}, {"name": "54186", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/54186"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"}, {"name": "USN-1503-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1503-1"}, {"name": "rhythmbox-template-symlink(76538)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-3355", "datePublished": "2012-07-17T21:00:00.000Z", "dateReserved": "2012-06-14T00:00:00.000Z", "dateUpdated": "2024-08-06T20:05:12.062Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:rhythmbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "04FB5C83-82F6-4D83-A321-8987497008D7", "versionEndIncluding": "0.13.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9C5A5176-5109-4D2F-85FA-54D40030C658", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "DAAA6451-C2BB-45DF-8A1D-F36771AE1211", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B4556AD4-DBCD-4DFE-9C61-B2C94BBD0C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "464F844A-21B8-46B4-A0B8-CBF6CAA3E646", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "3D3B63EC-8E50-4ECB-A7D1-8E12AEF769BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.88:*:*:*:*:*:*:*", "matchCriteriaId": "A896C622-AF81-4E75-970D-DBADAFA9786D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "560FAA61-5B0F-45EE-B906-3FCF593A124A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBD6280F-87E5-4629-B822-99966520563F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "8BD5E3B9-7EA8-4BF8-BD34-4F97FEA8C801", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "CEC940E5-A337-4314-A8AC-7ECB55CFEC1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "47E44198-D454-4728-820D-01FA7838CC12", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2EE3C8E4-6CCA-4EDA-BF19-AF3089834415", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "A0E4B943-377A-4796-931E-6E38008A714E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "6C9C33F2-0D7F-4EEA-A600-187FD677FA16", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "23F0E8B6-B0C9-4A23-B0AC-E634EAFF4F6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5826275-3B25-4D1E-A39C-EF770298F0A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "C1825267-CDFF-4EE5-B4EB-570962734EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2089E572-43E8-4181-B1DB-7ECA510D9444", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "0C0E73D8-017D-44E5-9972-C48A884F3199", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "DEEF355B-DAF6-430E-B0E9-95ACD6B7BE23", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "43771D90-BB13-47A0-A563-C57A0E0F359F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "7F4AFFB3-DED1-4F98-B876-4283642BA554", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "B1C7CBFC-9896-490A-BE48-0D73F055DC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "DB1456F9-5F29-4F24-B64B-F5976B0E9674", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "7B2C2292-61CE-43BB-AD67-A89058B2206B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "B2175B7C-E20B-4EC9-B165-75E003DF275C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "90469C45-F15D-471F-A2EC-8ED257CF108D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F897E5C0-C430-4339-AD1E-CCF036D66549", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "56EC52EF-0FB4-46A4-9455-5946F4DD5A5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "70A02A7B-FA3B-4561-BEF0-0AD078CA9FE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "33826EF0-D2EC-47AB-854C-F302689C951B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "540E27B6-699A-4E11-9744-D9147BEB7FDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "311D381E-D084-4378-AA98-727EDC744F30", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "556BAAE3-D281-4BA0-A6F7-FFF6962AAEC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "557C45AE-E51A-49BE-9183-DFCB4403A863", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "CD423A0E-5547-4194-B569-345382B7000E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.6.90:*:*:*:*:*:*:*", "matchCriteriaId": "99AB8C4A-681C-4599-9618-6DA709340DF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "49A7016A-982F-4F32-A9CA-B1F932C757DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "0476AC18-248F-4179-8115-AF5865F532C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D26EB254-BF88-4B70-AB44-77699C0287A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.0.90:*:*:*:*:*:*:*", "matchCriteriaId": "C803C263-6D99-4DD1-A1C2-10AE7F03BC52", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "380AC40C-FA63-4B11-A860-633B33C35C19", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A4C0429-BDA1-4995-9C58-54433DEE6E26", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9EFD2E8-8586-473F-A541-75CE8E8CF368", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "49A89820-1E65-4362-80C1-C6D6616A77C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "AAD5F3D3-E6A9-4A1C-9B62-23E172ED2676", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D2BE082-D01E-4E94-AEDC-DA6E04D08057", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "A19DD5B4-5383-429B-A4A3-6FC7260F5AA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "0CCCB575-017B-45A2-83DA-3EC2D272DD7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "B94ED188-6EE1-47BF-8CD6-9CE22C087794", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "3E7E46C2-FDC1-4A7A-A8D2-77114154058A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "46BC9689-2C1B-4AD5-8212-FC6F32CDD7B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "65476CA5-17BE-4F55-BD1F-DD4D41463546", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "75AA2E2F-A3E3-46C4-B456-6C6DCC6BEE69", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F19FF1E-6AD2-41CF-9E69-F439BE249156", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "61A3BF76-B790-4A87-9CF0-B67ABCD6B20E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "273629B0-A18B-45B6-A40E-FAA6C41D6AE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "8EDB4B5F-4FF8-4754-8897-3BC23BFC62D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "10559890-3B55-4030-81D4-B2E1A972E92D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D650FB8-775C-4851-9EAA-27E8B8BD66F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "45F3D456-A425-423D-B851-E76C4865CFAB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory."}, {"lang": "es", "value": "(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, y (4) LyricsTab.py en el m\u00f3dulo Context en GNOME Rhythmbox v0.13.3 y anteriores permite a usuarios locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de un enlace simb\u00f3lico el ataque a un archivo de plantilla temporal de HTML en el directorio / tmp / contexto."}], "id": "CVE-2012-3355", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-07-17T21:55:02.147", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"}, {"source": "secalert@redhat.com", "url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/54186"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1503-1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"}, {"source": "secalert@redhat.com", "url": "https://hermes.opensuse.org/messages/15351848"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/54186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1503-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hermes.opensuse.org/messages/15351848"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "plug-in): Insecure temporary directory use by loading template files for 'Album', 'Lyrics', and 'Artist' tabs", "id": "835076", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "status": "draft"}, "cwe": "CWE-377", "details": ["(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory."], "name": "CVE-2012-3355", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "rhythmbox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "rhythmbox", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2011-03-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-3355\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3355"], "statement": "This issue does not affect the version of rhythmbox as shipped with Red Hat Enterprise Linux 5. This issue affects the version of rhythmbox as shipped with Red Hat Enterprise Linux 6.\nRed Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}

{}