Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:automake:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF1142BF-7EE4-4937-A928-86057C853BB8", "versionEndIncluding": "1.11.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "825E1F9E-0DFB-47BF-8D28-52B6804C199A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "41C63958-FF26-4223-8EF5-1E2CEFD9DBC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "499D5653-552E-44EE-8183-FD5D05BF8F35", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE71E960-691A-4816-A04D-A8D1F3CDA2CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p1:*:*:*:*:*:*", "matchCriteriaId": "620AE4A6-8801-4E2E-BC16-4CA0A128EAD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p2:*:*:*:*:*:*", "matchCriteriaId": "5BB76EC2-1F74-4BB2-B1B5-F3416CDC345B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p3:*:*:*:*:*:*", "matchCriteriaId": "1E969575-F171-42B7-B02D-CD494D9F9CE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p4:*:*:*:*:*:*", "matchCriteriaId": "6396CC6D-2290-4D98-90FD-498EFDAC690B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p5:*:*:*:*:*:*", "matchCriteriaId": "8227C2EC-7C6B-4C91-86FE-FD4892C0D855", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.4:p6:*:*:*:*:*:*", "matchCriteriaId": "377CA093-EE7B-4F14-A9D0-62E678EE787E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A8CECA9-BDE4-4E0D-9D1A-3A8B705736CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "37F4CA27-ECDF-4F2B-889B-954C1539DB8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A883A1BE-D2F9-43F6-9779-163762DC0BDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "098E2153-D183-4603-AB8E-A424E321CB3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "A2C958A3-01F2-45A6-8F0B-74BE794E06CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "6454F4F7-507E-4539-B566-39E5ABD9F3B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C19F15E-FBBC-4DEB-9438-DCF5FB9CD366", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "6E466BA9-460D-4B7E-BD10-9CD072DE8846", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F9ECA16B-1AD3-4199-9D01-018DBDA0AD63", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "6667859B-7297-4BB1-97DB-195037EB71C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "8C42854C-5241-43A8-9E27-0701CE97BB94", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "855F7E05-B617-4046-B6E4-7894CD237654", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "FD6A46DF-3A7F-40EA-B2D6-BBDB8CEF2744", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "26C09EE5-460F-4169-A372-878E77120204", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "5205CF45-634B-4994-8CB1-C70B87FFC7D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9AFB9079-79EA-4DC3-9C86-72D90788AB35", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B2ABAC0-D633-43B6-9BA2-E346E8D2BAAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "A579BF1E-0ECE-4D1F-8849-359626B9F250", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "9FAE2575-4611-481E-AA37-549B2F528864", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "F29368AC-C9BA-451B-90DA-CCE8AB291946", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "81FB30CC-D96B-443A-B1B5-61F207F80B04", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FF64364-4A8B-4155-9FDA-E4AF655EA826", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "2E529FDE-1475-4F83-AD75-795AA2CFCE48", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "FAA3D112-97D4-4605-AAD9-ACD8C1901332", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "9E44D4B2-F8E6-4D2E-800D-2101C1832261", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "7565230F-80E8-49F2-BFC9-F33B690AC78D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "52DA2099-218B-4588-B381-539307426AB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "032119F6-768D-42BF-A4B8-2059BFA3AAD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.10:*:*:*:*:*:*:*", "matchCriteriaId": "45D17CFC-3C6D-4EC1-9FED-2C158AC517C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5DD32447-BADF-4E6B-8745-75202A3AF83B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "7348FBF0-AD00-4236-9CA0-BA01FD153629", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "06107483-9738-4C1A-A706-3DE7D9F04E7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2A91930-6A6C-4B56-99DF-8A06F270AEC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F35A4AC-1FA1-49CA-A465-5E0E6E05AC0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CE405EB-E067-464D-86AE-6F0C56C7250E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "FA6C72AC-9EDB-4BB4-8C7F-BA1F886939EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DDD57193-65DC-4AFC-96C0-725AC176E7F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "C64F490F-2837-4A97-BA1E-6E796B8B4F27", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:automake:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "1CE494CF-6DD2-451E-B9F4-A102B06B9183", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The \"make distcheck\" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "La regla \"make distcheck\" en GNU Automake anterior a v1.11.6 y v1.12.x anterior a v1.12.2 asigna permisos world-writable al directorio de extracci\u00f3n, lo que produce una vulnerabilidad de condici\u00f3n de carrera que permite a usuarios locales ejecutar c\u00f3digo a trav\u00e9s de vectores no determinados."}], "id": "CVE-2012-3386", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-07T21:55:01.420", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-0526.html"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:103"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-0526.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}