CVE-2006-5072

Published: Oct 10, 2006Modified: Apr 23, 2026

6.2

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 1.9 / Impact: 10.0

Source: NVD

Description

The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack.

Affected (2)

Products: Mono: Mono

Mono

1 product

Mono

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Mono Mono	Version 1.0
Mono Mono	Version 2.0

References (28)

http://fedoranews.org/cms/node/2401

Source: cve@mitre.org

http://secunia.com/advisories/22237

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/22277

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/22614

Source: cve@mitre.org

http://secunia.com/advisories/23154

Source: cve@mitre.org

http://secunia.com/advisories/23213

Source: cve@mitre.org

http://secunia.com/advisories/23776

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200611-23.xml

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:188

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_73_mono.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/20340

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-357-1

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2006/3911

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/29353

Source: cve@mitre.org

http://fedoranews.org/cms/node/2401