QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3386

Published: Aug 7, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2012-14770

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_MANDRIVA

openSUSE-SU-2012:1519

vendor-advisory

x_refsource_SUSE

FEDORA-2012-14349

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

[automake] 20120709 GNU Automake 1.11.6 released (fixes a SECURITY VULNERABILITY!)

mailing-list

x_refsource_MLIST

[automake] 20120709 GNU Automake 1.12.2 released (fixes a SECURITY VULNERABILITY!)

mailing-list

x_refsource_MLIST

[automake] 20120709 CVE-2012-3386 Automake security fix for 'make distcheck'

mailing-list

x_refsource_MLIST

http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76

x_refsource_CONFIRM

FEDORA-2012-14297

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.