CVE-2012-2291
21.01.2013, 21:55
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.Enginsight
| Vendor | Product | Version |
|---|---|---|
| emc | avamar | 4.0 |
| emc | avamar | 4.1 |
| emc | avamar | 5.0 |
| emc | avamar | 5.0:sp1 |
| emc | avamar | 5.0:sp2 |
| emc | avamar | 5.0.0-407 |
| emc | avamar | 5.0.4-26 |
| emc | avamar | 6.0 |
| emc | avamar_plugin | 4.0 |
| emc | avamar_plugin | 5.0 |
| emc | avamar_plugin | 6.0 |
| emc | avamar_plugin | 6.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration