CVE-2011-0995

EUVD-2017-0179
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
rubyforgerubygem-sqlite3
𝑥
≤ 1.2.3
rubyforgerubygem-sqlite3
1.2.0
rubyforgerubygem-sqlite3
1.2.1
rubyforgerubygem-sqlite3
1.2.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ruby-sqlite3
bookworm
1.4.2-4
fixed
bullseye
1.4.2-3
fixed
sid
1.6.9-2
fixed
trixie
1.6.9-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sqlite3-ruby
dapper
not-affected
hardy
not-affected
lucid
not-affected
maverick
not-affected
natty
not-affected
Common Weakness Enumeration
References
http://secunia.com/advisories/44418
http://support.novell.com/security/cve/CVE-2011-0995.html
http://www.osvdb.org/72180
http://www.securityfocus.com/bid/47694
https://bugzilla.novell.com/show_bug.cgi?id=685928
https://exchange.xforce.ibmcloud.com/vulnerabilities/67263
http://secunia.com/advisories/44418
http://support.novell.com/security/cve/CVE-2011-0995.html
http://www.osvdb.org/72180
http://www.securityfocus.com/bid/47694
https://bugzilla.novell.com/show_bug.cgi?id=685928
https://exchange.xforce.ibmcloud.com/vulnerabilities/67263