View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2012-3449 severity low: SUSE including 64 source package names (libopenvswitch-2_11-0-2.11.1-1.75, libopenvswitch-2_8-0-2.8.2-4.16, …), 70 product×package rows across 14 product lines (SUSE Linux Enterprise High Performance Computing 12 SP5, SUSE Linux Enterprise Module for Server Applications 15, … (14 product lines)): Fixed 70.
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.