CVE-2010-2199

ADVISORY - nist

Summary

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL, a related issue to CVE-2010-2059.

EPSS Score: 0.00046 (0.143)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Permissions, Privileges, and Access Controls


NIST

CREATED

UPDATED

ADVISORY ID: CVE-2010-2199
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.2 high

Debian

CREATED

UPDATED

ADVISORY ID: CVE-2010-2199
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE): -

CVSS SCORE

N/A low

Ubuntu

CREATED

UPDATED

ADVISORY ID: CVE-2010-2199
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE): -

CVSS SCORE

N/A low

Red Hat

CREATED

UPDATED

ADVISORY ID: CVE-2010-2199
EXPLOITABILITY SCORE

1.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE): -

CVSS SCORE

6.2 medium