← Back

CVE-2012-3329

nvd nist
Published: Dec 19, 2012Modified: Apr 29, 2026

JSON object

Loading...
3.3
Vector
AV:L/AC:M/Au:N/C:N/I:P/A:P
Exploitability: 3.4 / Impact: 4.9
Source: NVD

Description

IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.

Affected (6)

Ibm
2 products
Advanced Settings Utility
Bootable Media Creator
Configuration A
6 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ibm
Advanced Settings Utility
Version 3.62
Advanced Settings Utility
Version 3.70
Advanced Settings Utility
Version 9.21
Ibm
Bootable Media Creator
Version 2.30
Bootable Media Creator
Version 3.00
Bootable Media Creator
Version 9.21
Running on/withPlatform Versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-59
Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (4)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.