CVE-2012-6097
cronie 1.4.8 - Exposure of Sensitive Information via File Descriptor Leak
Title source: llmDescription
File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.
References (4)
Core 4
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=786096
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:033
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=893661
Various Sources x_refsource_confirm
https://bugs.mageia.org/show_bug.cgi?id=8652
Scores
EPSS
0.0135
EPSS Percentile
68.2%
Details
CWE
CWE-200
Status
published
Products (1)
fedorahosted/cronie
1.4.8
Published
Apr 09, 2013
Tracked Since
Feb 18, 2026