← Back

Hardlink Project

hardlink_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Hardlink
hardlink
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-3632
3Debian
Hardlink ProjectRedhat
3Debian Linux
Enterprise LinuxHardlink
Nov 21, 2024
Nov 26, 2019
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVE-2011-3631
3Debian
Hardlink ProjectRedhat
3Debian Linux
Enterprise LinuxHardlink
Nov 21, 2024
Nov 26, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote att...Show more
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.Show less
CVE-2011-3630
3Debian
Hardlink ProjectRedhat
3Debian Linux
Enterprise LinuxHardlink
Nov 21, 2024
Nov 26, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory...Show more
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.Show less