Vulnerability Description
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Automatic Bug Reporting Tool | - |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1214457Issue TrackingThird Party Advisory
- https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8PatchThird Party Advisory
- https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1PatchThird Party Advisory
- https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7PatchThird Party Advisory
- https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb7PatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1214457Issue TrackingThird Party Advisory
- https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8PatchThird Party Advisory
- https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1PatchThird Party Advisory
- https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7PatchThird Party Advisory
- https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb7PatchThird Party Advisory
FAQ
What is CVE-2015-3150?
CVE-2015-3150 is a vulnerability with a CVSS score of 7.1 (HIGH). abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElemen...
How severe is CVE-2015-3150?
CVE-2015-3150 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3150?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Automatic Bug Reporting Tool.