VDB

DEBIAN-CVE-2012-3378

DEBIAN-CVE-2012-3378 PUBLISHED

The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2.

Affected Products

VendorProductVersions
Debian:11at-spi2-atk0, 0, 0

Timeline

  • Aug 31, 2012 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›