Vulnerability Description
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rubyforge | Rubygem-Sqlite3 | <= 1.2.3 |
| Novell | Suse Linux Enterprise | 11 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/44418Vendor Advisory
- http://support.novell.com/security/cve/CVE-2011-0995.html
- http://www.osvdb.org/72180
- http://www.securityfocus.com/bid/47694
- https://bugzilla.novell.com/show_bug.cgi?id=685928
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67263
- http://secunia.com/advisories/44418Vendor Advisory
- http://support.novell.com/security/cve/CVE-2011-0995.html
- http://www.osvdb.org/72180
- http://www.securityfocus.com/bid/47694
- https://bugzilla.novell.com/show_bug.cgi?id=685928
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67263
FAQ
What is CVE-2011-0995?
CVE-2011-0995 is a vulnerability with a CVSS score of 2.1 (LOW). The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges vi...
How severe is CVE-2011-0995?
CVE-2011-0995 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0995?
Check the references section above for vendor advisories and patch information. Affected products include: Rubyforge Rubygem-Sqlite3, Novell Suse Linux Enterprise.