HomeDevscripts Devel TeamCVE-2012-3500

CVE-2012-3500

UNKNOWN
1.2CVSS
Published: 2012-10-01
Updated: 2025-04-11
AI Analysis

Description

scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.

CVSS Metrics

Vector
AV:L/AC:H/Au:N/C:N/I:P/A:N
Access Vector
local
Access Cmplx
high
Auth
none
Confidentiality
none
Integrity
partial
Availability
none
Weaknesses
CWE-362

Metadata

Primary Vendor
DEVSCRIPTS_DEVEL_TEAM
Published
10/1/2012
Last Modified
4/11/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

devscripts_devel_team : devscriptsdevscripts_devel_team : devscripts

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2012-3500 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com