CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 1CVE-2011-3632
https://notcve.org/view.php?id=CVE-2011-3632
26 Nov 2019 — Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. Hardlink versiones anteriores a 0.1.2, opera en nombres de ruta de objetos del sistema de archivos completo, lo que puede permitir a un atacante local usar este fallo para realizar ataques de tipo symlink. • https://access.redhat.com/security/cve/cve-2011-3632 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2011-3631
https://notcve.org/view.php?id=CVE-2011-3631
26 Nov 2019 — Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges. Hardlink versiones anteriores a 0.1.2, presenta múltiples desbordamientos de enteros que c... • https://access.redhat.com/security/cve/cve-2011-3631 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2011-3630
https://notcve.org/view.php?id=CVE-2011-3630
26 Nov 2019 — Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. Hardlink versiones anteriores a 0.1.2, sufre de múltiples fallos de desbordamiento de búfer en... • https://access.redhat.com/security/cve/cve-2011-3630 • CWE-787: Out-of-bounds Write •