FKIE_CVE-2012-3355
Vulnerability from fkie_nvd - Published: 2012-07-17 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04FB5C83-82F6-4D83-A321-8987497008D7",
"versionEndIncluding": "0.13.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C5A5176-5109-4D2F-85FA-54D40030C658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAA6451-C2BB-45DF-8A1D-F36771AE1211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4556AD4-DBCD-4DFE-9C61-B2C94BBD0C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "464F844A-21B8-46B4-A0B8-CBF6CAA3E646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3B63EC-8E50-4ECB-A7D1-8E12AEF769BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.5.88:*:*:*:*:*:*:*",
"matchCriteriaId": "A896C622-AF81-4E75-970D-DBADAFA9786D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "560FAA61-5B0F-45EE-B906-3FCF593A124A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD6280F-87E5-4629-B822-99966520563F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5E3B9-7EA8-4BF8-BD34-4F97FEA8C801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC940E5-A337-4314-A8AC-7ECB55CFEC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47E44198-D454-4728-820D-01FA7838CC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE3C8E4-6CCA-4EDA-BF19-AF3089834415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E4B943-377A-4796-931E-6E38008A714E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9C33F2-0D7F-4EEA-A600-187FD677FA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "23F0E8B6-B0C9-4A23-B0AC-E634EAFF4F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5826275-3B25-4D1E-A39C-EF770298F0A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1825267-CDFF-4EE5-B4EB-570962734EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2089E572-43E8-4181-B1DB-7ECA510D9444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C0E73D8-017D-44E5-9972-C48A884F3199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEEF355B-DAF6-430E-B0E9-95ACD6B7BE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43771D90-BB13-47A0-A563-C57A0E0F359F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AFFB3-DED1-4F98-B876-4283642BA554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C7CBFC-9896-490A-BE48-0D73F055DC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1456F9-5F29-4F24-B64B-F5976B0E9674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2C2292-61CE-43BB-AD67-A89058B2206B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B2175B7C-E20B-4EC9-B165-75E003DF275C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "90469C45-F15D-471F-A2EC-8ED257CF108D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F897E5C0-C430-4339-AD1E-CCF036D66549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56EC52EF-0FB4-46A4-9455-5946F4DD5A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70A02A7B-FA3B-4561-BEF0-0AD078CA9FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33826EF0-D2EC-47AB-854C-F302689C951B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "540E27B6-699A-4E11-9744-D9147BEB7FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "311D381E-D084-4378-AA98-727EDC744F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "556BAAE3-D281-4BA0-A6F7-FFF6962AAEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "557C45AE-E51A-49BE-9183-DFCB4403A863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CD423A0E-5547-4194-B569-345382B7000E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.6.90:*:*:*:*:*:*:*",
"matchCriteriaId": "99AB8C4A-681C-4599-9618-6DA709340DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "49A7016A-982F-4F32-A9CA-B1F932C757DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0476AC18-248F-4179-8115-AF5865F532C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D26EB254-BF88-4B70-AB44-77699C0287A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "C803C263-6D99-4DD1-A1C2-10AE7F03BC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "380AC40C-FA63-4B11-A860-633B33C35C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4C0429-BDA1-4995-9C58-54433DEE6E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EFD2E8-8586-473F-A541-75CE8E8CF368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49A89820-1E65-4362-80C1-C6D6616A77C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD5F3D3-E6A9-4A1C-9B62-23E172ED2676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2BE082-D01E-4E94-AEDC-DA6E04D08057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A19DD5B4-5383-429B-A4A3-6FC7260F5AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCCB575-017B-45A2-83DA-3EC2D272DD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B94ED188-6EE1-47BF-8CD6-9CE22C087794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7E46C2-FDC1-4A7A-A8D2-77114154058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC9689-2C1B-4AD5-8212-FC6F32CDD7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "65476CA5-17BE-4F55-BD1F-DD4D41463546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75AA2E2F-A3E3-46C4-B456-6C6DCC6BEE69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F19FF1E-6AD2-41CF-9E69-F439BE249156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "61A3BF76-B790-4A87-9CF0-B67ABCD6B20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "273629B0-A18B-45B6-A40E-FAA6C41D6AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDB4B5F-4FF8-4754-8897-3BC23BFC62D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10559890-3B55-4030-81D4-B2E1A972E92D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D650FB8-775C-4851-9EAA-27E8B8BD66F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:rhythmbox:0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45F3D456-A425-423D-B851-E76C4865CFAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory."
},
{
"lang": "es",
"value": "(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, y (4) LyricsTab.py en el m\u00f3dulo Context en GNOME Rhythmbox v0.13.3 y anteriores permite a usuarios locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de un enlace simb\u00f3lico el ataque a un archivo de plantilla temporal de HTML en el directorio / tmp / contexto."
}
],
"id": "CVE-2012-3355",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-17T21:55:02.147",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"
},
{
"source": "secalert@redhat.com",
"url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/54186"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1503-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"
},
{
"source": "secalert@redhat.com",
"url": "https://hermes.opensuse.org/messages/15351848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/06/25/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/06/25/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1503-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=678661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/15351848"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…