Unrated severityNVD Advisory· Published Jul 17, 2012· Updated Apr 29, 2026
CVE-2012-3355
CVE-2012-3355
Description
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.
Affected products
62cpe:2.3:a:gnome:rhythmbox:*:*:*:*:*:*:*:*+ 61 more
- cpe:2.3:a:gnome:rhythmbox:*:*:*:*:*:*:*:*range: <=0.13.3
- cpe:2.3:a:gnome:rhythmbox:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.5.88:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.6.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.10.0.90:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.11.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.12.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:rhythmbox:0.13.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- bugs.debian.org/cgi-bin/bugreport.cginvd
- people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3355.htmlnvd
- www.openwall.com/lists/oss-security/2012/06/25/5nvd
- www.openwall.com/lists/oss-security/2012/06/25/7nvd
- www.securityfocus.com/bid/54186nvd
- www.ubuntu.com/usn/USN-1503-1nvd
- bugzilla.gnome.org/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/76538nvd
- hermes.opensuse.org/messages/15351848nvd
News mentions
0No linked articles in our index yet.