Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4606

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2011-4606
Last Modified 15 Dec 2011 11:32:18
Published 14 Dec 2011 10:57:34
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-4606

Summary

Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home directory.

Vulnerable Systems

Application

  • Artsoft Rocks%27n%27diamonds 3.3.0.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=766805

MLIST - [oss-security] 20111212 Re: CVE request: rocksndiamonds world-writable working/config directory

MLIST - [oss-security] 20111212 CVE request: rocksndiamonds world-writable working/config directory

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651620


Last Updated: 27 May 2016 10:57:16