Home > Vulnerability Database > CVE-2015-3151

Mend.io Vulnerability Database

CVE-2015-3151

Good to know:

Date: January 14, 2020

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.

Language: C

Severity Score

7.8

Related Resources (9)

Url: https://nvd.nist.gov/vuln/detail/CVE-2015-3151

Url: https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932

Url: https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3

Url: https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b

Url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151

Url: https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364

Url: https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277

Url: https://access.redhat.com/security/cve/CVE-2015-3151

Url: https://www.mend.io/vulnerability-database/CVE-2015-3151

Severity Score

7.8

Weakness Type (CWE)

Path Traversal

CWE-22

Top Fix

Upgrade Version

Upgrade to version 2.12.0

Learn More

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2015-3151

Good to know:

Date: January 14, 2020

Language: C

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?