CVE-2012-0786
augeas < 1.0.0 - Arbitrary File Overwrite via Symlink Attack on .augnew File
Title source: llmDescription
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
References (5)
Core 5
Core References
Patch x_refsource_confirm
https://github.com/hercules-team/augeas/commit/16387744
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55811
Vendor Advisory x_refsource_confirm
http://augeas.net/news.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=772257
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1537.html
Scores
EPSS
0.0045
EPSS Percentile
35.4%
Details
CWE
CWE-59
Status
published
Products (37)
augeas/augeas
0.0.1
augeas/augeas
0.0.2
augeas/augeas
0.0.3
augeas/augeas
0.0.4
augeas/augeas
0.0.5
augeas/augeas
0.0.6
augeas/augeas
0.0.7
augeas/augeas
0.0.8
augeas/augeas
0.1.0
augeas/augeas
0.1.1
... and 27 more
Published
Nov 23, 2013
Tracked Since
Feb 18, 2026