CVE-2012-4676
Severity
1.2LOW
EPSS
0.0%
top 89.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 26
Latest updateMay 17
Description
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.
CVSS vector
AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9