CVE-2013-7172

high

Description

Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.

References

Advisories

https://security-tracker.debian.org/tracker/CVE-2013-7172

https://exchange.xforce.ibmcloud.com/vulnerabilities/89916

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172

http://www.openwall.com/lists/oss-security/2013/12/20/1

Details

Source: Mitre, NVD

Published: 2019-11-21

Updated: 2019-12-03

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H