Search Results (Refine Search)
- CPE Product Version: cpe:/a:gnu:automake:1.11.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-3386 |
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. Published: August 07, 2012; 5:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2009-4029 |
The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete. Published: December 19, 2009; 9:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |