CVE-2012-6607
EPSS 0.05%
Description
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
How to fix CVE-2012-6607
To remediate CVE-2012-6607, upgrade the affected package to a fixed version below.
- Debian/augeas—upgrade to 1.0.0-1 or later
Is CVE-2012-6607 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.0.0-1