Search for vulnerabilities
Vulnerability details: VCID-uwps-2wvf-aaag
Vulnerability ID VCID-uwps-2wvf-aaag
Aliases CVE-2011-1760
Summary CVE-2011-1760 oprofile: Local privilege escalation via crafted opcontrol event parameter
Status Published
Exploitability 2.0
Weighted Severity 6.5
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
epss 0.00387 https://api.first.org/data/v1/epss?cve=CVE-2011-1760
cvssv2 7.2 https://nvd.nist.gov/vuln/detail/CVE-2011-1760
Reference id Reference type URL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212
http://openwall.com/lists/oss-security/2011/04/29/3
http://openwall.com/lists/oss-security/2011/05/01/1
http://openwall.com/lists/oss-security/2011/05/01/2
http://openwall.com/lists/oss-security/2011/05/02/17
http://openwall.com/lists/oss-security/2011/05/03/2
http://openwall.com/lists/oss-security/2011/05/10/6
http://openwall.com/lists/oss-security/2011/05/10/7
http://openwall.com/lists/oss-security/2011/05/11/1
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1760.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1760
https://bugzilla.redhat.com/show_bug.cgi?id=700883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1760
http://secunia.com/advisories/44790
http://secunia.com/advisories/45205
http://www.debian.org/security/2011/dsa-2254
http://www.securityfocus.com/bid/47652
http://www.ubuntu.com/usn/USN-1166-1
cpe:2.3:a:maynard_johnson:oprofile:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:*:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.2:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.3:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.4:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.5:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.6:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.7:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.8:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.8.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:maynard_johnson:oprofile:0.9.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:maynard_johnson:oprofile:0.9.5:*:*:*:*:*:*:*
CVE-2011-1760 https://nvd.nist.gov/vuln/detail/CVE-2011-1760
CVE-2011-1760;OSVDB-72792 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/35681.txt
CVE-2011-1760;OSVDB-72792 Exploit https://www.securityfocus.com/bid/47652/info
GLSA-201412-09 https://security.gentoo.org/glsa/201412-09
USN-1166-1 https://usn.ubuntu.com/1166-1/
Data source Exploit-DB
Date added April 29, 2011
Description OProfile 0.9.6 - 'opcontrol' Utility 'set_event()' Local Privilege Escalation
Ransomware campaign use Known
Source publication date April 29, 2011
Exploit type local
Platform linux
Source update date Jan. 3, 2015
Source URL https://www.securityfocus.com/bid/47652/info
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1760
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.00344
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.