CVE-2015-1325 Information

Description

Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04 before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10 before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.openwall.com/lists/oss-security/2015/05/21/10 http://www.securityfocus.com/bid/74769 http://www.ubuntu.com/usn/USN-2609-1 https://www.exploit-db.com/exploits/37088/

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.0