CVE-2012-3329

EUVD-2012-3307
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:N/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
ibmadvanced_settings_utility
3.62
ibmadvanced_settings_utility
3.70
ibmadvanced_settings_utility
9.21
ibmbootable_media_creator
2.30
ibmbootable_media_creator
3.00
ibmbootable_media_creator
9.21
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5092090
https://exchange.xforce.ibmcloud.com/vulnerabilities/78044
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5092090
https://exchange.xforce.ibmcloud.com/vulnerabilities/78044