CVE-2012-3329
IBM Advanced Settings Utility & Bootable Media Creator - Arbitrary File Write via Symlink Attack
Title source: llmDescription
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78044
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5092090
Scores
EPSS
0.0034
EPSS Percentile
25.7%
Details
CWE
CWE-59
Status
published
Products (6)
ibm/advanced_settings_utility
3.62
ibm/advanced_settings_utility
3.70
ibm/advanced_settings_utility
9.21
ibm/bootable_media_creator
2.30
ibm/bootable_media_creator
3.00
ibm/bootable_media_creator
9.21
Published
Dec 19, 2012
Tracked Since
Feb 18, 2026