CVE-2015-3150

abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
redhatautomatic_bug_reporting_tool
-
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
abrt
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-ccpp
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-kerneloops
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-pstoreoops
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-python
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-upload-watch
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-vmcore
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-addon-xorg
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-cli
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-console-notification
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-dbus
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-desktop
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-devel
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-gui
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-gui-devel
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-gui-libs
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-libs
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-python
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-python-doc
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-retrace-client
RHEL 7
0:2.1.11-22.el7_1
fixed
abrt-tui
RHEL 7
0:2.1.11-22.el7_1
fixed
libreport
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-anaconda
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-cli
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-compat
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-devel
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-filesystem
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-gtk
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-gtk-devel
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-newt
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-bugzilla
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-kerneloops
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-logger
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-mailx
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-reportuploader
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-rhtsupport
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-plugin-ureport
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-python
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-rhel
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-rhel-anaconda-bugzilla
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-rhel-bugzilla
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-web
RHEL 7
0:2.1.11-23.el7_1
fixed
libreport-web-devel
RHEL 7
0:2.1.11-23.el7_1
fixed
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1214457
https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8
https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1
https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7
https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75
https://bugzilla.redhat.com/show_bug.cgi?id=1214457
https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8
https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1
https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7
https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75