cbcvebase.
CVE-2012-1093
published 2020-02-21

CVE-2012-1093: The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package…

PriorityP337high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.57%
42.7th percentile
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

Affected

6 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debiandebian_linux
debianx11-common< 1\:7.6\+121\:7.6\+12
debianx11-common
debianxorg< xorg 1:7.6+12 (bookworm)xorg 1:7.6+12 (bookworm)

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.