CVE-2015-7758 - OpenCVE

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gummi Project	Gummi
Opensuse	Leap Opensuse

Configuration 1 [-]

OR	cpe:2.3:o:opensuse:leap:42.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*

Configuration 2 [-]

cpe:2.3:a:gummi_project:gummi:0.6.5:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178582.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178642.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00117.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00150.html
http://www.openwall.com/lists/oss-security/2015/10/08/4
http://www.openwall.com/lists/oss-security/2015/10/08/5
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-01-08T19:00:00

Updated: 2024-08-06T07:58:59.962Z

Reserved: 2015-10-08T00:00:00

Link: CVE-2015-7758

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-01-08T19:59:09.163

Modified: 2018-10-30T16:27:35.843

Link: CVE-2015-7758

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-08T00:00:00", "descriptions": [{"lang": "en", "value": "Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-02T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432"}, {"name": "openSUSE-SU-2015:2369", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00117.html"}, {"name": "FEDORA-2016-e21be93421", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178582.html"}, {"name": "openSUSE-SU-2016:0574", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00150.html"}, {"name": "FEDORA-2016-94b0b50351", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178642.html"}, {"name": "[oss-security] 20151008 Re: CVE request: Gummi", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/10/08/5"}, {"name": "[oss-security] 20151008 CVE request: Gummi", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/10/08/4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7758", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432"}, {"name": "openSUSE-SU-2015:2369", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00117.html"}, {"name": "FEDORA-2016-e21be93421", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178582.html"}, {"name": "openSUSE-SU-2016:0574", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00150.html"}, {"name": "FEDORA-2016-94b0b50351", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178642.html"}, {"name": "[oss-security] 20151008 Re: CVE request: Gummi", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/08/5"}, {"name": "[oss-security] 20151008 CVE request: Gummi", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/10/08/4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:58:59.962Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432"}, {"name": "openSUSE-SU-2015:2369", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00117.html"}, {"name": "FEDORA-2016-e21be93421", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178582.html"}, {"name": "openSUSE-SU-2016:0574", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00150.html"}, {"name": "FEDORA-2016-94b0b50351", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178642.html"}, {"name": "[oss-security] 20151008 Re: CVE request: Gummi", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/10/08/5"}, {"name": "[oss-security] 20151008 CVE request: Gummi", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/10/08/4"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7758", "datePublished": "2016-01-08T19:00:00", "dateReserved": "2015-10-08T00:00:00", "dateUpdated": "2024-08-06T07:58:59.962Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gummi_project:gummi:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "CD7D06FB-4D48-4733-912F-C6EC5DBA4EE5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux."}, {"lang": "es", "value": "Gummi 0.6.5 permite a usuarios locales escribir en archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico en un archivo temporal dot que usa el nombre de un archivo existente y la extensi\u00f3n (1) .aux, (2) .log, (3) .out, (4) .pdf o (5) .toc para el nombre de archivo, seg\u00fan lo demostrado por .thesis.tex.aux."}], "id": "CVE-2015-7758", "lastModified": "2018-10-30T16:27:35.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-08T19:59:09.163", "references": [{"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178582.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178642.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00117.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00150.html"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2015/10/08/4"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2015/10/08/5"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}