VDB

DEBIAN-CVE-2012-3500

DEBIAN-CVE-2012-3500 PUBLISHED

scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.

Affected Products

VendorProductVersions
Debian:11devscripts0, 0, 0
Debian:14devscripts0, 0, 0
Debian:13devscripts0, 0, 0
Debian:12devscripts0, 0, 0

Timeline

  • Oct 1, 2012 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›