« List of all CVEs

CVE-2012-3386

Published: 8/7/2012 Last updated: 8/6/2024 Reserved: 6/14/2012

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (3)

conf-aclocal conf-automake freetds

Products affected (1)

Product Vendor Version
n/a n/a < *

References (20)