CVE-2012-6607

NONE EPSS 28.5%
Published Nov 23, 201312y ago · Modified Jun 16, 20262w ago
Find Similar
Published Nov 23, 2013 12y ago
Last Modified Jun 16, 2026 2w ago

Description

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.

Threat Intelligence

EPSS Exploit Probability
28.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 37

VendorProductVersionRange
augeasaugeas* ≤0.10.0
augeasaugeas0.0.1any
augeasaugeas0.0.2any
augeasaugeas0.0.3any
augeasaugeas0.0.4any
augeasaugeas0.0.5any
augeasaugeas0.0.6any
augeasaugeas0.0.7any
augeasaugeas0.0.8any
augeasaugeas0.1.0any
augeasaugeas0.1.1any
augeasaugeas0.2.0any
augeasaugeas0.2.1any
augeasaugeas0.2.2any
augeasaugeas0.3.0any
augeasaugeas0.3.1any
augeasaugeas0.3.2any
augeasaugeas0.3.3any
augeasaugeas0.3.4any
augeasaugeas0.3.5any
augeasaugeas0.3.6any
augeasaugeas0.4.0any
augeasaugeas0.4.1any
augeasaugeas0.4.2any
augeasaugeas0.5.0any
augeasaugeas0.5.1any
augeasaugeas0.5.2any
augeasaugeas0.5.3any
augeasaugeas0.6.0any
augeasaugeas0.7.0any
augeasaugeas0.7.1any
augeasaugeas0.7.2any
augeasaugeas0.7.3any
augeasaugeas0.7.4any
augeasaugeas0.8.0any
augeasaugeas0.8.1any
augeasaugeas0.9.0any

References 5

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.