CVE-2011-2472

Published: 09 June 2011

Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760.

Priority

Medium

Status

Package Release Status
oprofile
Launchpad, Ubuntu, Debian
Upstream Needed