exploitDog

GHSA-p9qc-jx9p-h9xh

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.

Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.

Ссылки

EPSS

Процентиль: 75%

0.00907

Низкий

CVE ID

Связанные уязвимости

CVE-2010-4236

nvd

около 15 лет назад

Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.

EPSS

Процентиль: 75%

0.00907

Низкий

CVE ID