CVE-2015-5302

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:libreport:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.20:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.0.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:libreport:2.1.1:*:*:*:*:*:*:*

Information

Published : 2015-12-07 10:59

Updated : 2023-02-12 16:53


NVD link : CVE-2015-5302

Mitre link : CVE-2015-5302


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

redhat

  • libreport