CVE-2012-3355

(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnome:rhythmbox:0.12.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.7:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.10.0.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.13.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.88:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.7:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.13.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.6.90:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.13.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.12.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:gnome:rhythmbox:0.8.1:*:*:*:*:*:*:*

Information

Published : 2012-07-17 14:55

Updated : 2017-08-28 18:31


NVD link : CVE-2012-3355

Mitre link : CVE-2012-3355


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

gnome

  • rhythmbox